Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Applying security constraints for a call made through Request Dispatcher  RSS feed

 
Darshan Shashidhara
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have a web application that is secured through the URL-pattern check in the web.xml. Within a servlet in this application I use the request dispatcher to forward the request to another servlet but the URL pattern check does not occur when the request is forwarded(access is granted directly). The Java EE specification states "Security constraints work only on the original request URI and not on calls made through a RequestDispatcher".
Is there any way in which I can actually forward the request to another servlet and have this request go through the URL security check before the request is processed ?
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

I don't think that's possible. You should change the flow of control (and the URL space) so that all the security is handled at the first request, before any forwarding happens.
 
Surya Kant
Ranch Hand
Posts: 104
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes it is not possible.Best idea would be to have base class or filter class
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65824
134
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"Darshan Ms", please check your private messages for an important administrative matter.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!