filters

i have only one filter in my web app which i used for authentication.
but when i execute it the filter is getting executing thrice. can any one tell me the reason about it

static int i=0;
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		System.out.println("authentication filter1"+i++);
		System.out.print("Authentication: Request received ...");
		try {
			boolean authorized = false;
			if (request instanceof HttpServletRequest) {
					HttpSession session = ((HttpServletRequest)request).getSession(false);
					if (session != null) {
						String token = (String) session.getAttribute("userToken");
						String qryStr = ((HttpServletRequest)request).getQueryString();
						if((token != null) || "cLogin".equalsIgnoreCase(qryStr))
							authorized = true;
					}
			}
			if (authorized) {
				chain.doFilter(request, response);
			} else if (fConfig != null) {
				ServletContext context = fConfig.getServletContext();
				String login_page = context.getInitParameter("login_page");
				System.out.println("Authentication: Login page = " + login_page);
				if (login_page != null && !"".equals(login_page)) {
					context.getRequestDispatcher(login_page).forward(request, response);
				}
			} else {
				throw new ServletException ("Unauthorized access, unable to forward to login page");
			}
		} catch (IOException io) {
			System.out.println("IOException raised in AuthenticationFilter");
		} catch (ServletException se) {
			System.out.println("ServletException raised in AuthenticationFilter");
		}
		System.out.print("Authentication: Response dispatched ...");
	}

my web .xml has

is there any way to make it execute once

The only way it can execute multiple times is when the authorized flag is false and is redirected to the login page.
Otheriwse there is no way it can execute multiple times.

yes you are correct, but is there any other logic reduce that.

And also i have one problem , i cant able to get the img and css for my login page ... is there any other logic to handle this more efficiently

Arvind Subramanian wrote:yes you are correct, but is there any other logic reduce that.

Once the user is authenticated set the token.
Next when the user comes request will be with the user token.

Arvind Subramanian wrote:
And also i have one problem , i cant able to get the img and css for my login page ... is there any other logic to handle this more efficiently

What issue your are getting with this.
Check the path definition, could be a path issue.

in url pattern i provided /* , but there is no other way to secure the whole webapplication. is there any way to write exception in filter?

Arvind Subramanian wrote:in url pattern i provided /* , but there is no other way to secure the whole webapplication. is there any way to write exception in filter?

Which URL pattern you are talking about.

I am saying you to check the img source attibute value in your JSP/HTML.

And look where exactly the css file is located.

And Exception filter for what?

i got it fixed ...
the url pattern i mentioned is about web.xml filter tag.

the request are the css and gif request from my login page