I'm trying to use a Filter class to restrict access to certain pages, such as restricted.jsp
In my web.xml file, I have:
This works, if I try to go directly to restricted.jsp, as in
http://localhost:8080/FilterDemo/restricted.jsp
However, if I return that page as the result of a forward in my contoller class:
then it seems the filter doesn't get involved & end user is returned the content of restricted.jsp, when they shouldn't be.
Am I missing something here, or is that just the way things are? If I have to put some sort of
if statement in my controller code, each time I might want to forward to a potentially forbidden page:
it seems so messy, I might as well give up on using a Filter and have code that tests if the user is authenticated on each restricted page.
Could anyone advise?