Servlet Filters - A couple of questions

Hi guys

I am pretty new to servlet filters and just want to ask a couple of questions

1. Can you have one filter with two url-patterns tags in web.xml (for example one for *.jsp and one for /servlet/*)?

In other words, is the following piece of code allowed in the deployment descriptor (web.xml)?
<filter> <filter-name>SessionFilter</filter-name> <filter-class>servlets.SessionFilter</filter-class> </filter> <filter-mapping> <filter-name>SessionFilter</filter-name> <url-pattern>*.jsp</url-pattern> <url-pattern>/servlet/*</url-pattern> </filter-mapping>


2. If I use a Filter to intercept all requests (your url-pattern is /* ) which will redirect the user to index.jsp if there is no user attribute stored in the session I get the following behaviour

- accessing a restricted page when there is no session redirects the user to the index page
- accessing a restricted servlet will produce an IllegalStateException.

Does that mean I have to create two different filters, one to cater for jsp, and one for servlets?

The following is a snippet of code which fails to exhibit the behaviour stated in 2.
if(!allowedRequest) { if (session.getAttribute("user")==null) response.sendredirect(request.getContextPath() + "/index.jsp"); } } chain.doFilter(request, response);

Any help is much appreciated.


Thanks
andreas

Following my post above,

Should the chain.doFilter(request, response) method be called only if access is granted to propagate the request and response to the next filter in the chain?

If so, isn't my problem fixed with the following snippet of code?
if(!allowedRequest) { if (session.getAttribute("user")==null) response.sendredirect(request.getContextPath() + "/index.jsp"); } else { chain.doFilter(request,response) } } else { chain.doFilter(request, response); }

yes it