Hey,
Just for those who think filters are a new idea, I just wanted to point
out that filters have been in the Microsoft world (ISAPI) for years.
(Don't worry, I'm not a Microsoft advocate, just pointing out the facts
:-).
Kito D. Mann
[EMAIL PROTECTED]
Chief Architect
The Grow Network
(212)889-5678 x105
At 02:56 PM 8/30/01 -0700, you wrote:
Filter
is new in the Servlet 2.3 spec. It is an implementation of the
Intercepting Filter design Pattern. You can read more about this
pattern in the book Core J2EE design patterns. Basically Filters
allow you to add services like user authentication easily because filters
intercept the request object heading to certain resources that you
specify. This is nice because you don't need to make your view
components aware of User Authentication, a Filter can handle that.
Glenn
-Original Message-
From: Andy Noble
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 30, 2001 1:50 PM
To: [EMAIL PROTECTED]
Subject: Security with Servlet 2.3 API
I've just read an article that suggests that authentication can be
done by a filter in the servlet 2.3 API, which I believe Tomcat 4 will
support.
Having seen other threads, there appears to be a number of methods
available, such as:
1. subclass ActionServlet
2. JSP custom tags
3. Check in each Action class
Has anyone any experience or thoughts on this?
At the moment, I guess I'm in favour of the ActionServlet subclass
just to keep it all in one place, but the filter method also sounds a
possibility.
Andy Noble
