I'm also confused about the use of filters. I'm trying to apply a security 
filter in order to check whether the user is authenticated before accessing the 
resources, but it seems to me that it's never being applied. I've tried to 
debug the code and the filter is never called before handling a resource. 

Here is the code:


    @Override
    public synchronized Restlet createRoot() {
        
        
        
        //Crea un router en el cual se registran las URIs y los recursos 
asociados a cada una

        Router router = new Router(getContext());
        
        router.attachDefault(RESTLoginResource.class);
        router.attach("/login", RESTLoginResource.class);
        router.attach("/{userName}", UserResource.class);
         

        Filter securityFilter = new Filter(getContext()){
          public int beforeHandle(Request request, Response response){
                  
                  SessionManager sm =
                          
com.isoco.iwf.webapp.common.Application.getSingleInstance().getSessionManager();
                      
            if(sm.getLogged(BaseResource.getHttpServletRequest(request))!=null){
                log.info("User is authenticated");
                return Filter.CONTINUE;
            }
            else
            {
                log.info("user must be authenticated ");
                return Filter.STOP;
            }
                
                        
            
          }
        };
        
        securityFilter.setNext(router);
        
        return router;
    }


shouldn't the filter be executed before getting to each registered resource ? 


thanks for your help!

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2361339

Reply via email to