I have already visited Java FilterImplementation for session checking link, which says about Spring security. I did not get the help i need.
After applying filter login.jsp is unable to load CSS and images.
I am trying simple example providing filter in web.xml and applying the filter on pages other than login.jsp.
Web.xml file is :
<filter>
<filter-name>struts2</filter-name>
<filter-class>
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>AuthenticationFilter2</filter-name>
<filter-class>filter.AuthorizationFilter2</filter-class>
<init-param>
<param-name>avoid-urls</param-name>
<param-value>login.jsp</param-value>
</init-param>`
<filter>
And the filter class is :
private ArrayList<String> urlList;
public void destroy() {
// TODO Auto-generated method stub
System.out.println("authorization filter2 destroy method....");
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
System.out.println("authorization filter2 doFilter method....");
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String url = request.getServletPath();
System.out.println("ppp:"+request.getRequestURL());
System.out.println("url is :"+url);
boolean allowedRequest = false;
System.out.println("url list is :"+urlList);
if(urlList.contains(url.substring(1))) {
allowedRequest = true;
}
System.out.println("request allowed....."+allowedRequest);
if (!allowedRequest) {
Map session = ActionContext.getContext().getSession();
/*HttpSession session = request.getSession(false);*/
/* if (null == session) {
response.sendRedirect("login.jsp");
}*/
System.out.println("session contains login :"+session.containsKey("login"));
if(!session.containsKey("login")){
response.sendRedirect("login.jsp");
}
}
chain.doFilter(req, res);
}
public void init(FilterConfig config) throws ServletException {
System.out.println("authorization filter2 init method....");
String urls = config.getInitParameter("avoid-urls");
StringTokenizer token = new StringTokenizer(urls, ",");
urlList = new ArrayList<String>();
while (token.hasMoreTokens()) {
urlList.add(token.nextToken());
}
}
Login page contains css and images as per the requirement.
Please help me out. Thank you.
put this block of code in your action class , it works.
Thank you all.