If this has been asked before, just point me to the link.
If you had a choice between using a Servlet Filter for web app security or using a Base Servlet that you extend on all your Servlets, which would you prefer and why?
I use a filter for its flexibility. It gets invoked before any servlet for which it is mapped, can be easily configured for various URL patterns without code changes, and doesn't pollute the hierarchy chain of the servlets the way a base class would.
Think of a base servlet as a nuke. It's going to effect everything.
A filter is more presice. You have to map it to each and every resource you want it to effect, but it effects nothing else and can be done so by simply modifying the contents and order of web.xml, not the code.
Hi This depending upon the Resources which App server will serv if your application is getting thousand of hits per min then dont use servlet filert , due to perfornce in servlet filter every request is comming throug servlet filet and responsible to server the satic resources
in other case Filters easy to handle the request. in case of performace
servelter filerts are working on the top of the filters and pp servers