• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Using a filter to secure a set of servlets.

 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Java Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Im trying to use a filter to secure my application. And I've configured my web.xml with the following mapping .

This secures all the jsp pages in the pages folder.The filter checks for user credentials from the session.
However , I'm not being able to secure my servlets and as my pages are redirected through them after submit , it becomes easy for a person not logged in to view the state of the previous user through the servlet . I try to do this

where where the package a.b.c contains all my servlets that need secure access. However cant seem to get it to work.
Any help would be appreciated.
 
Michael Cropper
Ranch Hand
Posts: 143
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you set all your Servlet's URL-Patterns as "/secure/ServletName" then you can ensure that the Servlets are now only accessible via a URL that passes through the login filter.

This is what I have got set up recently and it works great.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65120
91
IntelliJ IDE Java jQuery Mac Mac OS X
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just using the word "secure" won't accomplish anything.

What's missing from the original post is how the servants are mapped. Matching the filter to the servlet mapping is what will accomplish the task.
 
Michael Cropper
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Should have been a little more descriptive....

If you have something like this it will work as you have explained

 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Java Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
Thank you for your replies!
Here's what I've done to secure the servlets
WEB.XML

However I now get a 404 error , when I try to access the servlet , any idea what could be missing?
 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Java Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just an update , I tried modifying the filter mapping to the form below.

But the 404 still persists. Could anyone point out what could be going wrong here? Thanks in advance
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic