I'm also confused about the use of filters. I'm trying to apply a security
filter in order to check whether the user is authenticated before accessing the
resources, but it seems to me that it's never being applied. I've tried to
debug the code and the filter is never called before handling a resource.
Here is the code:
@Override
public synchronized Restlet createRoot() {
//Crea un router en el cual se registran las URIs y los recursos
asociados a cada una
Router router = new Router(getContext());
router.attachDefault(RESTLoginResource.class);
router.attach("/login", RESTLoginResource.class);
router.attach("/{userName}", UserResource.class);
Filter securityFilter = new Filter(getContext()){
public int beforeHandle(Request request, Response response){
SessionManager sm =
com.isoco.iwf.webapp.common.Application.getSingleInstance().getSessionManager();
if(sm.getLogged(BaseResource.getHttpServletRequest(request))!=null){
log.info("User is authenticated");
return Filter.CONTINUE;
}
else
{
log.info("user must be authenticated ");
return Filter.STOP;
}
}
};
securityFilter.setNext(router);
return router;
}
shouldn't the filter be executed before getting to each registered resource ?
thanks for your help!
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2361339