You should be returning securityFilter not the router. Then the
securityFilter does it's thing and moves onto the next restlet chain
(router)
jon
Marc Lerma wrote:
> I'm also confused about the use of filters. I'm trying to apply a security
> filter in order to check whether the user is authenticated before accessing
> the resources, but it seems to me that it's never being applied. I've tried
> to debug the code and the filter is never called before handling a resource.
>
> Here is the code:
>
>
> @Override
> public synchronized Restlet createRoot() {
>
>
>
> //Crea un router en el cual se registran las URIs y los recursos
> asociados a cada una
>
> Router router = new Router(getContext());
>
> router.attachDefault(RESTLoginResource.class);
> router.attach("/login", RESTLoginResource.class);
> router.attach("/{userName}", UserResource.class);
>
>
> Filter securityFilter = new Filter(getContext()){
> public int beforeHandle(Request request, Response response){
>
> SessionManager sm =
>
> com.isoco.iwf.webapp.common.Application.getSingleInstance().getSessionManager();
>
>
> if(sm.getLogged(BaseResource.getHttpServletRequest(request))!=null){
> log.info("User is authenticated");
> return Filter.CONTINUE;
> }
> else
> {
> log.info("user must be authenticated ");
> return Filter.STOP;
> }
>
>
>
> }
> };
>
> securityFilter.setNext(router);
>
> return router;
> }
>
>
> shouldn't the filter be executed before getting to each registered resource ?
>
>
> thanks for your help!
>
> ------------------------------------------------------
> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2361339
>
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2361658