"Merrill Cornish" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I'm trying to learn filters by writing one to detect when someone who
> has not logged in tries to access a JSP page that requires login. From
> what I've read, this seems to be one common use of filters.
>
> I think I understand how to write the filter, but to determine whether
> the session had been logged in, I need to HttpSession object.
>
> The doFilter() method receives ServletRequest rather than
> HttpServletRequest, so there is no getSession() method. At the same
> time, since the filter is tied to ServletRequest and ServletResponse, it
> appears that the filter runs at a level "above" individual sessions,
> implying that a filter could never check whether a specific session was
> logged in.
>
Well, something like:
HttpServletRequest hreq;
if(request instanceof HttpServletRequest) { // always true for Tomcat
hreq = (HttpServletRequest)request;
}
> Can filters be used to check whether a user is logged in?
>
> Merrill
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
