-2
Hey guys, I’m having a problem with my access control, instead of making it impossible to enter the home screen without logging in, it’s letting you enter the home screen and blocking the login screen.
Bean class code
package control;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import model.Buffet;
import model.BuffetDAO;
import util.SessionUtil;
@ManagedBean
@SessionScoped
public class BuffetBean {
private String loginBuffet;
private String senha;
private Buffet buffet;
private String info;
private String novaSenha;
private String confSenha;
private String cnpj;
public BuffetBean() {
buffet = new Buffet();
}
public String acessarSistema() {
buffet = new BuffetDAO().buscarUsuario(loginBuffet);
Object b = new Object();
if (buffet != null) {
if (buffet.getEmail().equals(loginBuffet)
&& buffet.getSenha_Empresa().equals(senha)) {
if (buffet.getStatusBuffet().equals("1")) {
info = "Login feito";
SessionUtil.setParam("UsuarioLogado", b);
return "inicial.html";
}
else if (buffet.getStatusBuffet().equals("2")) {
return "";
} else {
info = "Dados Incorretos !!!";
return "";
}
} else {
info = "Dados Incorretos !!!";
return "";
}
} else {
info = "Dados Incorretos !!!";
return "";
}
}
public String getLoginBuffet() {
return loginBuffet;
}
public void setLoginBuffet(String loginBuffet) {
this.loginBuffet = loginBuffet;
}
public String getSenha() {
return senha;
}
public void setSenha(String senha) {
this.senha = senha;
}
public Buffet getBuffet() {
return buffet;
}
public void setBuffet(Buffet buffet) {
this.buffet = buffet;
}
Code of the access control class
package control;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@WebFilter(servletNames = { "Faces Servlet" })
public class ControleDeAcesso implements Filter {
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
if ((session.getAttribute("UsuarioLogado") != null) ||
(req.getRequestURI().endsWith("login.xhtml"))) {
redireciona("inicial.html", response);
chain.doFilter(request, response);
}
else {
redireciona("login.xhtml", response);
}
}
public void init(FilterConfig filterConfig) throws ServletException {
}
public void destroy() {
}
private void redireciona(String url, ServletResponse response)
throws IOException {
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(url);
}
}
Class code manages session
package util;
import java.io.Serializable;
import javax.faces.context.FacesContext;
import javax.servlet.http.HttpSession;
public class SessionUtil implements Serializable {
private static final long serialVersionUID = 1L;
public static HttpSession getSession() {
FacesContext ctx = FacesContext.getCurrentInstance();
HttpSession sessao = (HttpSession) ctx.getExternalContext().getSession(
false);
return sessao;
}
public static void setParam(String key, Object value) {
getSession().setAttribute(key, value);
}
public static Object getParam(String key) {
return getSession().getAttribute(key);
}
public static void remove(String key) {
getSession().removeAttribute(key);
}
public static void invalidate() {
getSession().invalidate();
}
}