Using forward or include in a filter
Faisal Khan
Ranch Hand
Posts: 285
posted 10 years ago
Hi,
I have come across some security access filters which are using request.getRequestDispatcher(...).forward() and .include() from within the filter. If the user is not authorised, they get forwarded to an error page from within the filter.
Does this seem an acceptable technique to use or should we consider other options such as writing the html page from the filter?
The .include() is being used in one place to call in a servlet that does a bunch of checks and being used for other things too.
Regards
Faisal
I have come across some security access filters which are using request.getRequestDispatcher(...).forward() and .include() from within the filter. If the user is not authorised, they get forwarded to an error page from within the filter.
Does this seem an acceptable technique to use or should we consider other options such as writing the html page from the filter?
The .include() is being used in one place to call in a servlet that does a bunch of checks and being used for other things too.
Regards
Faisal
The secret to creativity is knowing how to hide your sources.
Faisal Khan
Ranch Hand
Posts: 285
posted 10 years ago
Just to clarify guys, technique explained in the following article is not good way to go then:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets8.html#103101
Any views on using the .include()?
Thanks for the feedback thus far.
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets8.html#103101
Any views on using the .include()?
Thanks for the feedback thus far.
The secret to creativity is knowing how to hide your sources.
| Consider Paul's rocket mass heater. |