Presentation is loading. Please wait.

Presentation is loading. Please wait.

©SoftMoore ConsultingSlide 1 Filters. Filters can be used in a web application to intercept, examine, and possibly transform requests or responses associated.

Published byAdam Melton Modified over 8 years ago

Similar presentations

Presentation on theme: "©SoftMoore ConsultingSlide 1 Filters. Filters can be used in a web application to intercept, examine, and possibly transform requests or responses associated."— Presentation transcript:

1 ©SoftMoore ConsultingSlide 1 Filters

2 Filters can be used in a web application to intercept, examine, and possibly transform requests or responses associated with servlets, JSP pages HTML pages, etc. Filters can be used to –query the request and act accordingly –block the request and response pair from passing any further –modify the request headers and data, providing a customized version of the request –modify the response headers and data, providing a customized version of the response. Think of filters as a chain of steps that requests and responses must go through before reaching a servlet, JSP page, or HTML page. ©SoftMoore ConsultingSlide 2

3 Filters in Action ©SoftMoore ConsultingSlide 3 Filter 1 HTML Page Filter 2Servlet Client (browser) HTTP Request HTTP Response Server Client (browser) HTTP Request HTTP Response JSP Page

4 Possible Uses of Filters Authentication – blocking requests based on user identity. Logging and auditing – tracking users of a web application. Image conversion – scaling maps, and so on. Data compression – making downloads smaller. Localization – targeting the request and response to a particular locale. Transformations of XML content – targeting web application responses to more than one type of client. ©SoftMoore ConsultingSlide 4

5 Creating a Filter Create a class that implements Filter interface. Methods doFilter() – most important method init() destroy() Put filtering behavior in the doFilter() method. Arguments ServletRequest ServletResponse FilterChain Call the doFilter() method of the FilterChain argument to invoke the next filter (if any) or the actual resource. ©SoftMoore ConsultingSlide 5

6 Creating a Filter (continued) Modify the deployment descriptor ( web.xml ) to register the filter with the appropriate servlets and JSP pages. (Use filter and filter-mapping elements in web.xml.) ©SoftMoore ConsultingSlide 6

7 Example: Logging User Access package com.softmoore.filters; import java.util.Date; public class LoggingFilter implements Filter { private FilterConfig filterConfig = null; public void init(FilterConfig filterConfig) throws ServletException { this.filterConfig = filterConfig; } public void destroy() { this.filterConfig = null; } ©SoftMoore ConsultingSlide 7

8 Example: Logging User Access (continued) public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { HttpServletRequest req = (HttpServletRequest) request; String message = req.getRemoteHost() + " accessed " + req.getRequestURL() + " on " + new Date() + "."); filterConfig.getServletContext().log(message); chain.doFilter(request,response); } ©SoftMoore ConsultingSlide 8

9 Modifying web.xml for the Logging Filter LoggingFilter com.softmoore.filters.LoggingFilter LoggingFilter /index.jsp ©SoftMoore ConsultingSlide 9

10 Example: Restricting User Access public class AccessFilter implements Filter { private static final String LOGIN_PAGE = "/myLogin.jsp";... public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; boolean authorized = false; HttpSession session = req.getSession(true); User user = (User)session.getAttribute("webapp.user"); ©SoftMoore ConsultingSlide 10

11 Example: Restricting User Access (continued) if (user != null && user.isValid()) authorized = true; if (authorized) { chain.doFilter(request, response); } else { // save requested URI in session for login servlet session.setAttribute("requestUri", req.getRequestURI().toString()); RequestDispatcher dispatcher = req.getRequestDispatcher(LOGIN_PAGE); dispatcher.forward(request, response); } ©SoftMoore ConsultingSlide 11

12 Declaring/Maping a Filter in web.xml AccessFilter com.softmoore.security.AccessFilter AccessFilter /admin/* /reports/* ©SoftMoore ConsultingSlide 12

13 Using Annotations to Declare/Map Filters Introduced in servlet API version 3.0, the annotation @WebFilter can be used to declare a servlet class and map it to a URL. Example @WebFilter("/admin/*", "/reports/*") public class AccessFilter implements Filter {... } Note that the class must still implement interface Filter. ©SoftMooreSlide 13

14 Using Annotations to Declare/Map Filters (continued) Annotation @WebFilter replaces equivalent and configuration elements in the web deployment descriptor file ( web.xml ) Servlet containers process the annotated classes when the application is deployed. ©SoftMooreSlide 14 Note: Several additional annotations were also introduced in servlet API 3.0; e.g., @WebServlet and @WebListener.

15 Annotations versus Deployment Descriptor Similar to servlets Primary advantage of using annotations to declare/map filters − eliminates a lot of boilerplate XML Primary advantage of using the deployment descriptor to declare/map filters − improved server startup performance when using a lot of filters (provided attribute metadata-complete has been set to true). ©SoftMooreSlide 15

16 Useful Filters CompressionFilter and other filter examples available in Tomcat distribution (Google for variations available on the web) BadInputFilter revisited (John Moore, JavaWorld) http://www.javaworld.com/article/2078901/open-source-tools/badinputfilter-revisited.html WebFilter annotation examples http://www.codejava.net/java-ee/servlet/webfilter-annotation-examples “Two Servlet Filters Every Web Application Should Have” by Jayson Falkner http://onjava.com/pub/a/onjava/2003/11/19/filters.html ©SoftMoore ConsultingSlide 16

Download ppt "©SoftMoore ConsultingSlide 1 Filters. Filters can be used in a web application to intercept, examine, and possibly transform requests or responses associated."

Similar presentations

6 Copyright © 2005, Oracle. All rights reserved. Using Advanced Techniques in Servlets.

6 Copyright © 2005, Oracle. All rights reserved. Using Advanced Techniques in Servlets.
CGI programming. Common Gateway Interface interface between web server and other programs (cgi scripts) information passed as environment variables passed.

CGI programming. Common Gateway Interface interface between web server and other programs (cgi scripts) information passed as environment variables passed.
COMP 321 Week 13. Overview Filters Scaling and Remote Models MVC and Struts.

COMP 321 Week 13. Overview Filters Scaling and Remote Models MVC and Struts.
JLab Lattice Portal – Data Grid Web Service Ying Chen, Chip Watson Thomas Jefferson National Accelerator Facility.

JLab Lattice Portal – Data Grid Web Service Ying Chen, Chip Watson Thomas Jefferson National Accelerator Facility.
Dispatching, monitoring, filtering

Dispatching, monitoring, filtering
 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture 9.2.1 Interface Servlet and.

 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture Interface Servlet and.
1 Servlets: Leftover Odds and Ends (Most apply to JSPs as well, duh….) Representation and Management of Data on the Internet, 2007 CS Department, HUJI.

1 Servlets: Leftover Odds and Ends (Most apply to JSPs as well, duh….) Representation and Management of Data on the Internet, 2007 CS Department, HUJI.
An introduction to Java Servlet Programming

An introduction to Java Servlet Programming
J2EE Servlets and JSP Advanced topics Presented by Bartosz Sakowicz.

J2EE Servlets and JSP Advanced topics Presented by Bartosz Sakowicz.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved. 0-13-148952-6 1 Chapter 34 Servlets.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved Chapter 34 Servlets.
JSP Java Server Pages Reference: http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/Servlet-Tutorial-JSP.html.

JSP Java Server Pages Reference:
JSP Architecture  JSP is a simple text file consisting of HTML or XML content along with JSP elements  JSP packages define the interface for the compiled.

JSP Architecture  JSP is a simple text file consisting of HTML or XML content along with JSP elements  JSP packages define the interface for the compiled.
Chapter 4 Servlets Concept of Servlets (What, Why, and How) Servlet API Third-party tools to run servlets Examples of Using Servlets HTML tag with GET.

Chapter 4 Servlets Concept of Servlets (What, Why, and How) Servlet API Third-party tools to run servlets Examples of Using Servlets HTML tag with GET.
Session-02.

Session-02.
Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.

Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.
Java Servlets and JSP.

Java Servlets and JSP.
Java Enterprise Edition Java Web Development Structure of a web project Introduction to Web Applications The first project Introduction to Java Web Development.

Java Enterprise Edition Java Web Development Structure of a web project Introduction to Web Applications The first project Introduction to Java Web Development.
Introduction to Web App Development Allen Day. Notes This is a training NOT a presentation Please ask questions https://tech.lds.org/wiki/Java_Stack_Training.

Introduction to Web App Development Allen Day. Notes This is a training NOT a presentation Please ask questions
Lecture 2 - Struts ENTERPRISE JAVA. 2 Contents  Servlet Deployment  Servlet Filters  Model View Controllers  Struts  Dependency Injection.

Lecture 2 - Struts ENTERPRISE JAVA. 2 Contents  Servlet Deployment  Servlet Filters  Model View Controllers  Struts  Dependency Injection.
Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Similar presentations

Ads by Google