• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Servletfilter skip filterchain JSF method not executed

 
Kevin Krautwurst
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi I got a problem with some filter logic.

I have a webapplication with a Springs CAS Filter (Servletfilter) mapped to "/*" (I can't change this setting due to the specifications of the project. So, due to the * mapping every request is forwarded to the CAS Authentication page (so far so good).

My task is to build a second login for administrators which should not interact with the CAS-Authentication. So I programmed a second Filter (Adminfilter) and in the end I am here with the following filter mapping (in this order).

1. /admin/* (Everyadmin request should be handled by the Adminfilter)
2. /* (General requests should be handled by the CAS Filter)

If the url /admin is used my Adminfilter redirects to the admin login (no chain.do is processed just a redirect). So far so good. But the login page is bound to a JSF-Request Bean actionMethod for the admin login. As you might conclude after the login request is send the Adminfilter is processed, but if I don't execute chain.do the request is cancelled at that point and the JSF function will not be processed. But if I do chain.do the cas Filter is executed (which I don t want to be happen).

PROBLEM:
I need a way to skip the filter chain. Filter A is executed and should finish afterwards but I don't want to cancel the request. All following Filters should not be executed!

Hope you got some ideas on my problem since I am stuck here for now.

Regards
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One possible solution
1) After 'admin' is successfully logged in, add the 'admin' user to the session (some flag,and/or admin user details).
2) Add another filter to bypass cas login if admin is logged in. (check the session variable)

haven't give it a lot of thought, but can work I feel
Just recognized, my solution will not work .. unless you also modify the CAS filter (source code)
 
Kevin Krautwurst
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

today I figured it out somehow. I came up with the idea of using a RequestDispatch to forward the requestURI taken from the request (sth like RequestDispatcher rd = request.getRequestDispatcher(request.getRequestURI()); rd.forward();

That works since the request is forwarded to the actual requested URL .... and the controller method is also invoked cause the request wasn't cancelled.

 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ahh, that's neat, I had used RequestDispatcher but I did not remember that!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic