Try this:
if (null == user) {
session.invalidate();
res.sendRedirect("/login.jsp");
} else {
chain.doFilter(request, response);
}
I was having some trouble with my auth filter until I realized this
problem: you should continue de filter chain only if everything is ok.
Sandro
On Thu, 07 Oct 2004 09:57:26 +0000, andy wix <[EMAIL PROTECTED]> wrote:
> Hi,
>
> That source forge Security Filter stuff looks pretty good, but I only have a
> basic requirement (nothing so posh as realms).
> I can't seem to get my (very basic) filter to work with Struts though.
>
> I have the following in my doFilter method:
>
> HttpServletRequest req = (HttpServletRequest) request;
> HttpServletResponse res = (HttpServletResponse) response;
> HttpSession session = req.getSession();
>
> User user= (User )session.getAttribute("User ");
>
> if (null == user) {
> session.invalidate();
> res.sendRedirect("/login.jsp");
> }
> chain.doFilter(request, response);
>
> It is mapped to all urls (/*) in the web.xml.
>
> I get a 404:
> The requested resource (/do/processLogin) is not available
>
> - this after I have entered user/password and submitted form. If anything,
> I was expecting it to always be re-directed back to the login because I
> guess I need to exclude "/do/processLogin" from the Filter?
>
> It all works Ok without the filter.
>
> Thanks,
> Andy
>
> _________________________________________________________________
> Stay in touch with absent friends - get MSN Messenger
>
>
> http://www.msn.co.uk/messenger
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Sandro Duarte
Analista de Sistemas
TRE-RS/SI
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
