| Author |
Filter has Exclude url-pattern ?
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
I am trying to implement a simple AuthFilter so that basically, all it does is check to see if the user is logged in and if not, redirects to the login page.
However, there are both "public" and "protected" resources in my webapp, where the public resources will not use AuthFilter , while the protected resources need the AuthFilter.
e.g.
public resources : URL-pattern = /welcome.do
protected resources: URL-pattern =/*.do
How can I just EXCLUDE the /welcome.do url-pattern to be intercepted by the Filter ?
I would like to know what other people have done in regards to this issue.
Thanks.
|
Vince Hon<br /> <br />SCJP 1.4 | SCWCD | SCBCD <br /><a href="http://vincehon.homeip.net:8000/VJW" target="_blank" rel="nofollow">http://vincehon.homeip.net:8000/VJW</a>
|
 |
sawan parihar
Ranch Hand
Joined: Aug 24, 2004
Posts: 250
|
|
Hi,
Have the mapping in this order and it will work
<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>
The request that will have /welcome will be server by the NormalAccessFilter. And the requests that need authorization will be server by AuthFilter.
|
Sawan<br />SCJP,SCWCD,SCBCD<br /> <br />Every exit is an entry somewhere.
|
|
Anand Wadhwani
Ranch Hand
Joined: Mar 21, 2005
Posts: 151
|
|
Hi Vince,
How can I just EXCLUDE the /welcome.do url-pattern to be intercepted by the Filter ?
You can use request.getServletPath() function to see if resource "/welcome.do" is being accessed, if so just invoke the regular filterchain else check for auth token (cookie/session attribute - whichever way you have implemented it) if auth token available continue with filtechain else redirect to login page.
If you want to avoid hard coding in your filter then probably the option suggested by sawan is a good option.
Hope this helps.
|
SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------
|
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
Thanks Sawan and Anand.
It works now
|
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>
sorry, Sawan, this will caused error due to
even if I changed it to
,
"welcome.do" will be served by NormalAccessFilter THEN AuthenFilter
|
|
sawan parihar
Ranch Hand
Joined: Aug 24, 2004
Posts: 250
|
|
Hello Vince,
"welcome.do" will be served by NormalAccessFilter THEN AuthenFilter
Only if you call them in chain. FilterChain.doFilter() else it shouldn't.
|
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
|
Thanks, I got what you mean. This means just add a "dummy" filter that end the filter chain.
|
|
Radmika Arunachalam
Ranch Hand
Joined: Mar 29, 2004
Posts: 45
|
|
sawan,
if u dont call FilterChain.doFilter(), then servlet or JSP mapped for /welcome.do won't be invoked right.. is that what u are looking for Vince?
Correct me if i am wrong...
Radmika,
SCJP, SCBCD, SCWCD (Preparing)
|
|
sawan parihar
Ranch Hand
Joined: Aug 24, 2004
Posts: 250
|
|
if u dont call FilterChain.doFilter(), then servlet or JSP mapped for /welcome.do won't be invoked right.. is that what u are looking for Vince?
If a request maps to two url pattern (/*.do and /welcome.do in our case) all the requests that come for /welcome.do will invoke NormalAccessFilter and if in this filter we are calling FilterChain.doFilter() then only the filters will be called in the chain.
Hope that helps.
|
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
Sawan, I got some confusion, I conclude my requirement:
*.do (except welcome.do) --> intercepted by AuthenFilter
welcome.do --> don't intercepted by AuthenFilter
In this case, "welcome.do" will be served by NormalAccessFilter THEN AuthenFilter.
If I don't call FilterChain.doFilter() in the NormalAccessFilter, then welcome.do will not be invoked, this is NOT I wanted.
|
|
sawan parihar
Ranch Hand
Joined: Aug 24, 2004
Posts: 250
|
|
Hello Vince,
I should have explained this in more detail . There are many ways to implement this but the way I was suggesting is :
<filter-mapping>
<filter-name>NormalAccessFilter</filter-name>
<url-pattern/welcome.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/*.do</url-pattern>
</filter-mapping>
When the request for /welcome.do will come it will be intercepted by NormalAccessFilter. As this filter is not calling others in chain here you can dispatch the request to any resource that you want. That means in normal access filter you can dispatch to /welcome.do and it will work. Sorry, I forgot to mention that you need to dispatch the request in my previous posts.
For the second case all other requests will be intercepted by AuthFilter which you call this in chain so that you don't need to dispatch to any other resource.
Hope it is clear.
|
|
Vince Hon
Ranch Hand
Joined: Feb 11, 2003
Posts: 117
|
|
Thanks Sawan, I finally got the solution:
When the request for /welcome.do will come it will be intercepted by NormalAccessFilter. As this filter is not calling others in chain here you can dispatch the request to any resource that you want. That means in normal access filter you can dispatch to /welcome.do and it will work
My understanding:
Treat NormalAccessFilter as a filter that /* stop any follow filter chain and dispatch to the request resource directly */.
|
|
 |
|
|
subject: Filter has Exclude url-pattern ?
|
|
|
0
