Win a copy of Microservices Testing (Live Project) this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Liutauras Vilda
  • Henry Wong
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Mikalai Zaikin
  • Himai Minh

Using a filter to secure a set of servlets.

 
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
Im trying to use a filter to secure my application. And I've configured my web.xml with the following mapping .

This secures all the jsp pages in the pages folder.The filter checks for user credentials from the session.
However , I'm not being able to secure my servlets and as my pages are redirected through them after submit , it becomes easy for a person not logged in to view the state of the previous user through the servlet . I try to do this

where where the package a.b.c contains all my servlets that need secure access. However cant seem to get it to work.
Any help would be appreciated.
 
Ranch Hand
Posts: 143
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you set all your Servlet's URL-Patterns as "/secure/ServletName" then you can ensure that the Servlets are now only accessible via a URL that passes through the login filter.

This is what I have got set up recently and it works great.
 
Sheriff
Posts: 67650
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just using the word "secure" won't accomplish anything.

What's missing from the original post is how the servants are mapped. Matching the filter to the servlet mapping is what will accomplish the task.
 
Michael Cropper
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Should have been a little more descriptive....

If you have something like this it will work as you have explained

 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,
Thank you for your replies!
Here's what I've done to secure the servlets
WEB.XML

However I now get a 404 error , when I try to access the servlet , any idea what could be missing?
 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just an update , I tried modifying the filter mapping to the form below.

But the 404 still persists. Could anyone point out what could be going wrong here? Thanks in advance
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic