All, I need to check the Session for an authenticated user before most requests. To do this I subclassed ActionServlet and only call super(request, response) upon verification that authenticated user is in the Session.
if (request.getRequestURI().endsWith("welcome.do") | request.getRequestURI().endsWith("logon.do") | request.getRequestURI().endsWith("html")) { super.process(request, response); } else if (request.getSession().getAttribute("USER") == null) { //Forward to login page response.sendRedirect("/welcome.do"); } I also know about the ability to subclass the RequestProcessor and providing my own implementation of the processPreprocess method to accomplish the same thing. Does anybody know of any serious disadvantages or side effects of subclassing the ActionServlet class rather than the RequestProcessor class.