File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes filter for authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "filter for authentication" Watch "filter for authentication" New topic

filter for authentication

april hobart

Joined: Oct 12, 2005
Posts: 1
I am trying to create a site that uses a login process. I have already gotten hibernate to work and am recieving a valid login from my database. I need to put a filter in to check if a user is logged in. If they are not redirct the user back to the sign in page. How do I check to see if they have a valid login? I shouldn't have to do it against the database if I am doing that in the Login Servlet or should I? My servlet gets a hibernate session does a specific query, places the results into a list and then the results are placed into a http session. here is my doFilter code:

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
logger.debug("Starting doFilter()");

HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;

String email = req.getParameter("email");
String password = req.getParameter("password");

if (email != null && password != null){


How do I check if they are logged in?
Please help
Kerry Wilson
Ranch Hand

Joined: Oct 29, 2003
Posts: 254
Pull the results from the session and redirect if they are not logged in. Remember to return from method when redirecting instead of continuing the chain.
SCJP 1.4
I agree. Here's the link:
subject: filter for authentication
It's not a secret anymore!