filter validation

I have this filter.

<filter>
<filter-name>authenticator</filter-name>
<filter-class>ex.sample.filters.Auth</filter-class>
</filter>

<filter-mapping>
<filter-name>authenticator</filter-name>
<url-pattern>/*</url-pattern>
</fitler-mapping>

The idea is to validate a user for every request. However, I don't want it to be applied to a request for images or javascripts and such. I only want it to be applied to a request for servlets and JSP's.

Is it possible to use reg-exp for <url-pattern>? If not, what is the best way to do this?

It's traditional to use the servlet mapping. For example "/myRoot/*". All servlet URLs begin with this mapping. It is good practice to not refer to JSPs directly, but through a servlet. But if you have loose JSPs, you could use a similar pattern to pick them up.

Bug,
It would be great if you can let me know how your filter works?
From where does it picks up the role access mappings etc etc..

Gavi,
It checks for a valid session by checking for a session attribute that was assigned to the session when it was first created. The attribute assigned corresponds to the role of the user (when they logged in).

Jeanne,
I already thought about making the url-pattern alike for servlets, it's just huge work because I have lots of servlets. Consider the jsp's that <a href= or <form action= to these servlets.
If reg.exp. was available however, I could probably just say !(/images/ | /js/) and stuff.

Thanks for the reply!

Bug,
As a hack, you could have the filter run for all requests and use an if statement with your regexp to not do anything for the images and javascript directories.

I wouldn't condsider that a hack at all. Some of my filters frequently inspect the incoming request to determine what action to take.