Authentication Filter in Java:
In this article, Let us see an example of using authentication filter.
What is a Filter?
As the name suggests, Filter performs filtering tasks. Filter is an object that perform filtering tasks on requesting for a resource or response from resource or both.
Types of Filters:
There are various types of filters,
- Authentication Filters
- Image Conversion Filters
- Date Compression Filters
- Encryption Filters
- Logging and Auditing Filters
- Mime type chain Filters
- Filters triggering resource access events
- Tokenizing Filters
- XSL/T filters
Methods in Filter:
public void init(FilterConfig filterconfig) – Initializes the filter, this is called by web container only once to place the filter into service
public void destroy() – Used for destroying the filter that is been placed into the service
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) – Called each time request or response pair is passed through the chain.
Filters are mapped to the Servlet with Servlet name or with URL in deployment descriptor – web.xml
Now let us see an example,
We are going to set a filter that checks whether the user entered the correct code. If user enter the correct code he will be shown success message or to the error page
Sample.jsp
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Filter Code</title> </head> <body> <form action="Servlet" method="post"> Enter the Secret Code: <input type="text" name="code"> <input type="submit" value="submit" name="submit"> </form> </body> </html>
sorry.jsp
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>JSP Page</title> </head> <body> <h1>sorry! Invalid Code</h1> </body> </html>
FilterChecks.java (Filter) // doFilter method
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ import java.io.IOException; import java.io.PrintStream; import java.io.PrintWriter; import java.io.StringWriter; import java.util.ArrayList; import java.util.StringTokenizer; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * * @author Vikram */ public class FilterChecks implements Filter { private static final boolean debug = true; private ArrayList<String> urlList; // The filter configuration object we are associated with. If // this value is null, this filter instance is not currently // configured. private FilterConfig filterConfig = null; public FilterChecks() { } private void doBeforeProcessing(ServletRequest request, ServletResponse response) throws IOException, ServletException { if (debug) { log("FilterChecks:DoBeforeProcessing"); } // Write code here to process the request and/or response before // the rest of the filter chain is invoked. // For example, a logging filter might log items on the request object, // such as the parameters. /* for (Enumeration en = request.getParameterNames(); en.hasMoreElements(); ) { String name = (String)en.nextElement(); String values[] = request.getParameterValues(name); int n = values.length; StringBuffer buf = new StringBuffer(); buf.append(name); buf.append("="); for(int i=0; i < n; i++) { buf.append(values[i]); if (i < n-1) buf.append(","); } log(buf.toString()); } */ } private void doAfterProcessing(ServletRequest request, ServletResponse response) throws IOException, ServletException { if (debug) { log("FilterChecks:DoAfterProcessing"); } // Write code here to process the request and/or response after // the rest of the filter chain is invoked. // For example, a logging filter might log the attributes on the // request object after the request has been processed. /* for (Enumeration en = request.getAttributeNames(); en.hasMoreElements(); ) { String name = (String)en.nextElement(); Object value = request.getAttribute(name); log("attribute: " + name + "=" + value.toString()); } */ // For example, a filter might append something to the response. /* PrintWriter respOut = new PrintWriter(response.getWriter()); respOut.println("<P><B>This has been appended by an intrusive filter.</B>"); */ } /** * * @param request The servlet request we are processing * @param response The servlet response we are creating * @param chain The filter chain we are processing * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String code = request.getParameter("code"); if(code!= null && code.equals("javainfinite")) { chain.doFilter(request, response); } else { RequestDispatcher rd = request.getRequestDispatcher("/sorry.jsp"); rd.forward(request, response); } } /** * Return the filter configuration object for this filter. */ public FilterConfig getFilterConfig() { return (this.filterConfig); } /** * Set the filter configuration object for this filter. * * @param filterConfig The filter configuration object */ public void setFilterConfig(FilterConfig filterConfig) { this.filterConfig = filterConfig; } /** * Destroy method for this filter */ public void destroy() { } /** * Init method for this filter */ public void init(FilterConfig filterConfig) { this.filterConfig = filterConfig; if (filterConfig != null) { if (debug) { log("FilterChecks:Initializing filter"); } } } /** * Return a String representation of this object. */ @Override public String toString() { if (filterConfig == null) { return ("FilterChecks()"); } StringBuffer sb = new StringBuffer("FilterChecks("); sb.append(filterConfig); sb.append(")"); return (sb.toString()); } private void sendProcessingError(Throwable t, ServletResponse response) { String stackTrace = getStackTrace(t); if (stackTrace != null && !stackTrace.equals("")) { try { response.setContentType("text/html"); PrintStream ps = new PrintStream(response.getOutputStream()); PrintWriter pw = new PrintWriter(ps); pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N // PENDING! Localize this for next official release pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n"); pw.print(stackTrace); pw.print("</pre></body>\n</html>"); //NOI18N pw.close(); ps.close(); response.getOutputStream().close(); } catch (Exception ex) { } } else { try { PrintStream ps = new PrintStream(response.getOutputStream()); t.printStackTrace(ps); ps.close(); response.getOutputStream().close(); } catch (Exception ex) { } } } public static String getStackTrace(Throwable t) { String stackTrace = null; try { StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw); t.printStackTrace(pw); pw.close(); sw.close(); stackTrace = sw.getBuffer().toString(); } catch (Exception ex) { } return stackTrace; } public void log(String msg) { filterConfig.getServletContext().log(msg); } }
Servlet.java
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ import java.io.IOException; import java.io.PrintWriter; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * * @author Vikram */ public class Servlet extends HttpServlet { /** * Processes requests for both HTTP <code>GET</code> and <code>POST</code> * methods. * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); } // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code."> /** * Handles the HTTP <code>GET</code> method. * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } /** * Handles the HTTP <code>POST</code> method. * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.print("Filter Success"); out.close(); } @Override public String getServletInfo() { return "Short description"; }// </editor-fold> }