I'm developing a login mechanism that authenticates the user within a webfilter. When the login-button is clicked and the credentials are valid it's supposed to redirect.
The problem I have is, that the Webfilter doesn't seem to have the credentials after the login button has been pushed the first time. Logging suggests that the parameters are not present in the @SessionScoped bean that is supposed to store the credentials.
For it to actually log in, I have to push the login-button again (this time it does not matter wheter I put in the credentials at all) and then I get redirected.
The same problem also occurs when I try to invalidate the session. I'm on the page, click the button to invalidate, the page gets shown again and only after a refresh I get redirected to the login page.
The whole process of validating the user and redirecting in case the session is not valid takes place within a webfilter.
I assume the problem is, that parameters and other actions only take effect after the webfilter has been processed, but then, how are these mechanisms supposed to work? I've read everywhere that self-implemented login-mechanisms should be implemented in a webfilter, and it makes perfect sense to do so.
Aucun commentaire:
Enregistrer un commentaire