aspose file tools*
The moose likes JSP and the fly likes filter validation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "filter validation" Watch "filter validation" New topic
Author

filter validation

Bug Menot
Greenhorn

Joined: Oct 15, 2004
Posts: 26
I have this filter.

<filter>
<filter-name>authenticator</filter-name>
<filter-class>ex.sample.filters.Auth</filter-class>
</filter>

<filter-mapping>
<filter-name>authenticator</filter-name>
<url-pattern>/*</url-pattern>
</fitler-mapping>

The idea is to validate a user for every request. However, I don't want it to be applied to a request for images or javascripts and such. I only want it to be applied to a request for servlets and JSP's.

Is it possible to use reg-exp for <url-pattern>? If not, what is the best way to do this?
Jeanne Boyarsky
author & internet detective
Marshal

Joined: May 26, 2003
Posts: 31052
    
162

It's traditional to use the servlet mapping. For example "/myRoot/*". All servlet URLs begin with this mapping. It is good practice to not refer to JSPs directly, but through a servlet. But if you have loose JSPs, you could use a similar pattern to pick them up.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Gavi Raaghav
Ranch Hand

Joined: Apr 28, 2005
Posts: 82
Bug,
It would be great if you can let me know how your filter works?
From where does it picks up the role access mappings etc etc..
Bug Menot
Greenhorn

Joined: Oct 15, 2004
Posts: 26
Gavi,
It checks for a valid session by checking for a session attribute that was assigned to the session when it was first created. The attribute assigned corresponds to the role of the user (when they logged in).

Jeanne,
I already thought about making the url-pattern alike for servlets, it's just huge work because I have lots of servlets. Consider the jsp's that <a href= or <form action= to these servlets.
If reg.exp. was available however, I could probably just say !(/images/ | /js/) and stuff.

Thanks for the reply!
Jeanne Boyarsky
author & internet detective
Marshal

Joined: May 26, 2003
Posts: 31052
    
162

Bug,
As a hack, you could have the filter run for all requests and use an if statement with your regexp to not do anything for the images and javascript directories.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61753
    
  67

I wouldn't condsider that a hack at all. Some of my filters frequently inspect the incoming request to determine what action to take.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: filter validation