Giving multiple URL patterns to Servlet Filter

servlets servlet-filters url-pattern
Raju Boddupalli picture Raju Boddupalli · Jul 25, 2012 · Viewed 159.4k times · Source

I am using a Servlet Filter in my JSF application. I have three groups of Web pages in my application, and I want to check Authentication for these pages in my Servlet Filter:

my Folders

/Admin/ *.xhtml

/Supervisor/*.xhtml
/Employee/*.xhtml

and I am writing web.xml like

<filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.ems.admin.servlet.LoginFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/Employee/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/Admin/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/Supervisor/*</url-pattern>
</filter-mapping>

but requests like

http://localhost:8080/EMS2/faces/Html/Admin/Upload.xhtml

are not entering into Filter.

I have to provide security to these 3 folders.

How to solve this problem ?

Answer

BalusC picture BalusC · Aug 4, 2012

If an URL pattern starts with /, then it's relative to the context root. The /Admin/* URL pattern would only match pages on http://localhost:8080/EMS2/Admin/* (assuming that /EMS2 is the context path), but you have them actually on http://localhost:8080/EMS2/faces/Html/Admin/*, so your URL pattern never matches.

You need to prefix your URL patterns with /faces/Html as well like so:

<url-pattern>/faces/Html/Admin/*</url-pattern>

You can alternatively also just reconfigure your web project structure/configuration so that you can get rid of the /faces/Html path in the URLs so that you can just open the page by for example http://localhost:8080/EMS2/Admin/Upload.xhtml.

Your filter mapping syntax is all fine. However, a simpler way to specify multiple URL patterns is to just use only one <filter-mapping> with multiple <url-pattern> entries:

<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/faces/Html/Employee/*</url-pattern>
    <url-pattern>/faces/Html/Admin/*</url-pattern>
    <url-pattern>/faces/Html/Supervisor/*</url-pattern>
</filter-mapping>

Related questions

@WebFilter exclude url-pattern

I use a filter to check URL patterns for the logged in user. But I have many URL patterns I need to filter. { "/table/*", "/user/*", "/contact/*", "/run/*", "/conf/*", ..., ..., ...} It's becoming unmaintainable. It will be simpler just to exclude: { "/", "/login", "/logout", "/…

Read More
Servlet filter url mapping

How can a filter be mapped to the root of a URL? I'm using Tomcat 7.0.2 and deploying an application as ROOT.war. The welcome page is sign_in.xhtml. I would like to run a filter whenever the client sends …

Read More
How to use a servlet filter in Java to change an incoming servlet request url?

How can I use a servlet filter to change an incoming servlet request url from http://nm-java.appspot.com/Check_License/Dir_My_App/Dir_ABC/My_Obj_123 to http://nm-java.appspot.com/Check_License?Contact_Id=My_Obj_123 ? Update: …

Read More