There are 2 ways to have a intercepting filter in web tier- using Servlet filters or using a JSF phase listener that fires at the beginning of the Request Processing Lifecycle? For authentication and audit tasks which one should be used for the assignment?
Also, if intercepting filters based on servlet API are used, then how to depict them in component diagram i.e. show them:
1. between <<JSP>> and <<FacesServlet>> i.e. JSP -> Intercepting Filter -> FacesServlet -> Backing Bean
2. between <<FacesServlet>> and <<ManagedBean>> i.e. JSP -> Intercepting Filter -> FacesServlet -> Intercepting Filter