Re: Defining filters in sub-directories
You can match a prefix, or a file extension but not both. So you can do this: filter-mapping filter-nameAdminSection/filter-name url-pattern/admin/*/url-pattern /filter-mapping The Servlet spec has some examples of how URL matching will work. -Tim Ryan Parr wrote: As so many have said before, I'm new to Java and Tomcat. So please forgive any poor design you see in my code, but please let me know about it :) I've created a filter class that handles user authorization. Basically when a user hits a page the filter is defined for, it checks for a boolean value in the user's session that describes their access to a certain auth group. If the user is not authorized, they are forwarded to a login page defined as an init-param which handles their authentication for that group. This works flawlessly on pages in the root directory, and if I do: url-pattern/*.jsp/url-pattern it operates on every file throughout the hierarchy. This isn't what I wanted so I defined a url exclusion method, that accepts paths and regular expressions that the filter tests before processing auth. I setup a new filter for each group/directory. It only works on the root directory though, and using a url-pattern of /admin/*.jsp doesn't appear to trigger the filter. It's never run. This happens whether or not the filter on the root of the context exists. Thank you very much for any advice you can give! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining filters in sub-directories
On Thu, 2003-10-23 at 04:42, Tim Funk wrote: You can match a prefix, or a file extension but not both. So you can do this: filter-mapping filter-nameAdminSection/filter-name url-pattern/admin/*/url-pattern /filter-mapping The Servlet spec has some examples of how URL matching will work. -Tim Wow, that really was all there was to it. Thank you! -- Ryan Ryan Parr wrote: As so many have said before, I'm new to Java and Tomcat. So please forgive any poor design you see in my code, but please let me know about it :) I've created a filter class that handles user authorization. Basically when a user hits a page the filter is defined for, it checks for a boolean value in the user's session that describes their access to a certain auth group. If the user is not authorized, they are forwarded to a login page defined as an init-param which handles their authentication for that group. This works flawlessly on pages in the root directory, and if I do: url-pattern/*.jsp/url-pattern it operates on every file throughout the hierarchy. This isn't what I wanted so I defined a url exclusion method, that accepts paths and regular expressions that the filter tests before processing auth. I setup a new filter for each group/directory. It only works on the root directory though, and using a url-pattern of /admin/*.jsp doesn't appear to trigger the filter. It's never run. This happens whether or not the filter on the root of the context exists. Thank you very much for any advice you can give! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Defining filters in sub-directories
As so many have said before, I'm new to Java and Tomcat. So please forgive any poor design you see in my code, but please let me know about it :) I've created a filter class that handles user authorization. Basically when a user hits a page the filter is defined for, it checks for a boolean value in the user's session that describes their access to a certain auth group. If the user is not authorized, they are forwarded to a login page defined as an init-param which handles their authentication for that group. This works flawlessly on pages in the root directory, and if I do: url-pattern/*.jsp/url-pattern it operates on every file throughout the hierarchy. This isn't what I wanted so I defined a url exclusion method, that accepts paths and regular expressions that the filter tests before processing auth. I setup a new filter for each group/directory. It only works on the root directory though, and using a url-pattern of /admin/*.jsp doesn't appear to trigger the filter. It's never run. This happens whether or not the filter on the root of the context exists. Thank you very much for any advice you can give! -- Ryan Parr The pertinent parts of my web.xml: --- filter filter-nameAdminSection/filter-name filter-classcom.mysite.filters.UserAuthorization/filter-class init-param param-nameAuthGroup/param-name param-valueAdmin/param-value /init-param init-param param-nameLoginPage/param-name param-value/admin/login.jsp/param-value /init-param /filter !-- Admin Section -- filter-mapping filter-nameAdminSection/filter-name url-pattern/admin/*.jsp/url-pattern /filter-mapping And my UserAuthorization source: /* * UserAuthorization.java * * Created on October 2, 2003, 8:52 PM */ package com.mysite.filters; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.ServletContext; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import java.util.regex.Pattern; /** * This is the authorization filter. This simply checks to see * if a user is logged in, and if so whether or not they are allowed * to access the request resource. Authentication is handled elsewhere, * in a struts action. * * @author Ryan Parr * @version 0.1 * @see javax.servlet.Filter */ public class UserAuthorization implements Filter { private FilterConfig config; private String authName;// What's our name yo private String[] authGroups;// Roles for this resource private String loginPage; // The login page to forward to private String[] pageExclusions;// Pages we don't want to filter private String[] pageExclusionPatterns; // Patterns of pages we don't want to filter private boolean loggedIn = false; private ServletContext context = null; /** * This is the first method called when the filter is used. * The general intention of this method is simply to set * a private variable to the filterConfig parameter. * * @param filterConfig FilterConfig */ public void init(FilterConfig filterConfig) throws ServletException { config = filterConfig; authName = config.getFilterName(); loginPage = config.getInitParameter(LoginPage); // Populate the authGroups array String authGroupString = config.getInitParameter(AuthGroup); if(!(authGroupString == null) !(authGroupString.equals())) { authGroups = authGroupString.split(,); for(int i = 0; i authGroups.length; i++) { authGroups[i] = authGroups[i].trim(); } } // Populate pageExclusions array String pageExclusionString = config.getInitParameter(PageExclusions); if(!(pageExclusionString == null) !(pageExclusionString.equals())) { pageExclusions = pageExclusionString.split(,); for(int i = 0; i pageExclusions.length; i++) { pageExclusions[i] = pageExclusions[i].trim(); } } // Populate pageExclusionPatterns array String