• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Filter has Exclude url-pattern ?

 
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to implement a simple AuthFilter so that basically, all it does is check to see if the user is logged in and if not, redirects to the login page.

However, there are both "public" and "protected" resources in my webapp, where the public resources will not use AuthFilter , while the protected resources need the AuthFilter.

e.g.
public resources : URL-pattern = /welcome.do
protected resources: URL-pattern =/*.do



How can I just EXCLUDE the /welcome.do url-pattern to be intercepted by the Filter ?

I would like to know what other people have done in regards to this issue.

Thanks.
 
Ranch Hand
Posts: 250
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
Have the mapping in this order and it will work

<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>

The request that will have /welcome will be server by the NormalAccessFilter. And the requests that need authorization will be server by AuthFilter.
 
Ranch Hand
Posts: 151
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Vince,


How can I just EXCLUDE the /welcome.do url-pattern to be intercepted by the Filter ?



You can use request.getServletPath() function to see if resource "/welcome.do" is being accessed, if so just invoke the regular filterchain else check for auth token (cookie/session attribute - whichever way you have implemented it) if auth token available continue with filtechain else redirect to login page.

If you want to avoid hard coding in your filter then probably the option suggested by sawan is a good option.

Hope this helps.
 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Sawan and Anand.
It works now
 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>



sorry, Sawan, this will caused error due to

even if I changed it to
,

"welcome.do" will be served by NormalAccessFilter THEN AuthenFilter
 
sawan parihar
Ranch Hand
Posts: 250
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Vince,

"welcome.do" will be served by NormalAccessFilter THEN AuthenFilter



Only if you call them in chain. FilterChain.doFilter() else it shouldn't.




 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, I got what you mean. This means just add a "dummy" filter that end the filter chain.
 
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sawan,
if u dont call FilterChain.doFilter(), then servlet or JSP mapped for /welcome.do won't be invoked right.. is that what u are looking for Vince?

Correct me if i am wrong...

Radmika,
SCJP, SCBCD, SCWCD (Preparing)
 
sawan parihar
Ranch Hand
Posts: 250
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

if u dont call FilterChain.doFilter(), then servlet or JSP mapped for /welcome.do won't be invoked right.. is that what u are looking for Vince?



If a request maps to two url pattern (/*.do and /welcome.do in our case) all the requests that come for /welcome.do will invoke NormalAccessFilter and if in this filter we are calling FilterChain.doFilter() then only the filters will be called in the chain.

Hope that helps.
 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sawan, I got some confusion, I conclude my requirement:

*.do (except welcome.do) --> intercepted by AuthenFilter
welcome.do --> don't intercepted by AuthenFilter



In this case, "welcome.do" will be served by NormalAccessFilter THEN AuthenFilter.

If I don't call FilterChain.doFilter() in the NormalAccessFilter, then welcome.do will not be invoked, this is NOT I wanted.
 
sawan parihar
Ranch Hand
Posts: 250
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Vince,
I should have explained this in more detail . There are many ways to implement this but the way I was suggesting is :


<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>



When the request for /welcome.do will come it will be intercepted by NormalAccessFilter. As this filter is not calling others in chain here you can dispatch the request to any resource that you want. That means in normal access filter you can dispatch to /welcome.do and it will work. Sorry, I forgot to mention that you need to dispatch the request in my previous posts.

For the second case all other requests will be intercepted by AuthFilter which you call this in chain so that you don't need to dispatch to any other resource.

Hope it is clear.
 
Vince Hon
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Sawan, I finally got the solution:


When the request for /welcome.do will come it will be intercepted by NormalAccessFilter. As this filter is not calling others in chain here you can dispatch the request to any resource that you want. That means in normal access filter you can dispatch to /welcome.do and it will work



My understanding:

Treat NormalAccessFilter as a filter that /* stop any follow filter chain and dispatch to the request resource directly */.
reply
    Bookmark Topic Watch Topic
  • New Topic