Filter to detect a user not logged in

[Merrill Cornish]

I'm trying to learn filters by writing one to detect when someone who 
has not logged in tries to access a JSP page that requires login.  From 
what I've read, this seems to be one common use of filters.

I think I understand how to write the filter, but to determine whether 
the session had been logged in, I need to HttpSession object.

The doFilter() method receives ServletRequest rather than 
HttpServletRequest, so there is no getSession() method.  At the same 
time, since the filter is tied to ServletRequest and ServletResponse, it 
appears that the filter runs at a level "above" individual sessions, 
implying that a filter could never check whether a specific session was 
logged in.

Can filters be used to check whether a user is logged in?

Merrill

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]