This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Servlets and the fly likes Filter question(s) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Filter question(s)" Watch "Filter question(s)" New topic

Filter question(s)

Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299

I am trying to implement a simple Filter so that basically, all it does is check to see if the user is logged in and if not, redirects to the login page.
The problem I having is trying to figure out a clean way of enforcing this filter on secure pages but not on public pages like index, login, etc. My filter works, but right now, everything goes through the filter, thus, I get in crazy continuous loops when redirecting and forwarding.
I would like to know what other people have done in regards to this issue.

GenRocket - Experts at Building Test Data
Ken Robinson
Ranch Hand

Joined: Dec 23, 2003
Posts: 101
I've thought about this in the past and can think of one possible solution.
In a seperate file, have a delimited list of URLs that are excluded. In the Filter's init() method, read those URLs into a HashMap. Look at the URL of the current Request. If it has an entry in the HashMap, just call Chain.doFilter without doing any work.
Basically it's an exlusion file that you have to create, init and check for explicitly. Most likely, the method you need is only available in HttpServletRequest, not ServletRequest. You will probably have to cast the ServletRequest to an HttpServletRequest instance. This should not be a problem, but double check.
I agree. Here's the link:
subject: Filter question(s)
Similar Threads
Odd problem with RichFaces and Servlet Filter
Configuration of filter problem
How to implement authentication for each jsp page
how to redirect to success page in tomcat using its lapd configuration
How to use OpenID, specifically OpenID4Java library