Edmund Said:
From what I read from the specification, by default the filter should only be activated for requests coming directly from the client. I have explicitly stated this with <dispatcher>REQUEST</dispatcher> too.
I had a look at the Dispatcher element
schema, here is what it mentions
The dispatcher has four legal values: FORWARD, REQUEST, INCLUDE and ERROR. A value of FORWARD means the Filter will be applied under RequestDispatcher.forward() calls. A value of REQUEST means the Filter will be applied under ordinary client calls to the path or servlet. A value of INCLUDE means the Filter will be applied under RequestDispatcher.include() calls. A value of ERROR means the Filter will be applied under the error page mechanism. The absence of any dispatcher elements in a filter-mapping indicates a default of applying filters only under ordinary client calls to the path or servlet.
By default filter will be applied to the path or
servlet. Path like "/*" means filter will be applied to everything after the context.
Maybe some one else can explain why REQUEST in Dispatcher does not prevent filter from being applied on actionMapping.findForward("test");
What are ordinary Client calls apart from client browser?