It's not a secret anymore!
The moose likes Servlets and the fly likes filter for authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "filter for authentication" Watch "filter for authentication" New topic

filter for authentication

april hobart

Joined: Oct 12, 2005
Posts: 1
I am trying to create a site that uses a login process. I have already gotten hibernate to work and am recieving a valid login from my database. I need to put a filter in to check if a user is logged in. If they are not redirct the user back to the sign in page. How do I check to see if they have a valid login? I shouldn't have to do it against the database if I am doing that in the Login Servlet or should I? My servlet gets a hibernate session does a specific query, places the results into a list and then the results are placed into a http session. here is my doFilter code:

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
logger.debug("Starting doFilter()");

HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;

String email = req.getParameter("email");
String password = req.getParameter("password");

if (email != null && password != null){


How do I check if they are logged in?
Please help
Kerry Wilson
Ranch Hand

Joined: Oct 29, 2003
Posts: 254
Pull the results from the session and redirect if they are not logged in. Remember to return from method when redirecting instead of continuing the chain.
SCJP 1.4
I agree. Here's the link:
subject: filter for authentication
It's not a secret anymore!