Win a copy of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams this week in the Reactive Progamming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Ganesh Patekar

Using a filter to secure a set of servlets.

 
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Im trying to use a filter to secure my application. And I've configured my web.xml with the following mapping .

This secures all the jsp pages in the pages folder.The filter checks for user credentials from the session.
However , I'm not being able to secure my servlets and as my pages are redirected through them after submit , it becomes easy for a person not logged in to view the state of the previous user through the servlet . I try to do this

where where the package a.b.c contains all my servlets that need secure access. However cant seem to get it to work.
Any help would be appreciated.
 
Ranch Hand
Posts: 143
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you set all your Servlet's URL-Patterns as "/secure/ServletName" then you can ensure that the Servlets are now only accessible via a URL that passes through the login filter.

This is what I have got set up recently and it works great.
 
Marshal
Posts: 67289
170
Mac Mac OS X IntelliJ IDE jQuery Java
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just using the word "secure" won't accomplish anything.

What's missing from the original post is how the servants are mapped. Matching the filter to the servlet mapping is what will accomplish the task.
 
Michael Cropper
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Should have been a little more descriptive....

If you have something like this it will work as you have explained

 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
Thank you for your replies!
Here's what I've done to secure the servlets
WEB.XML

However I now get a 404 error , when I try to access the servlet , any idea what could be missing?
 
Vic Hood
Ranch Hand
Posts: 477
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just an update , I tried modifying the filter mapping to the form below.

But the 404 still persists. Could anyone point out what could be going wrong here? Thanks in advance
 
Doody calls. I would really rather that it didn't. Comfort me wise and sterile tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!