SERVLET FILTERS


Filters are powerful tools in servlet environment.It process request before it reaches a servlet and can process response before it leaves to a servlet.
You can map filters to a URL or a servlet name. When a filter is mapped to a URL (path-mapped), the filter applies to every servlet and JSP in the Web application. When a filter is mapped to a servlet name (servlet-mapped), it applies to a single servlet or JSP.
Filters may be used for large number of tasks like compressing response, modifying request and response headers, logging, change the content type, authenticating the user etc. For eg: suppose you want to check whether the user is already logged in or not. If you are using JSP, you have to write the authentication check in another JSP and include it in all JSP pages. Rather than including it in all pages, you may create an authentication filter class and attach it to all JSP pages. 
 Filters are configured in the deployment descriptor(web.xml) of a web application so that your JSP or Servlet will remain much clean containing code for specific purposes.

There are three interfaces defined in javax.servlet package.
  • FilterConfig – This object acts as configuration object for filter which pass information to filter during initialization. For eg, you may set initialization parameters in web.xml file for filter which could be accessed from this object. It also allow us to get a reference to ServletContext object. Every servlet container has its own implementation of FilterConfig interface.
  • FilterChain – This object is again created by servlet container which provides a convenient method to invoke next filter in the chain or final resource. The method is doFilter (ServletRequest request, ServletResponse response). Suppose one servlet is attached with two filters. In first filter calling doFilter() method of FilterChain object invokes second filter and calling the method in second filter invokes servlet itself.
  • Filter – This is the filter object which actually performs filtering tasks. For creating Filter you have to declare a class which implements this interface.
Servlet filters must implement the javax.servlet.Filter interface and define these methods:
 
Method Summary
void
destroy()
Called by the web container to indicate to a filter that it is being taken out of service.
 void
doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
void
init(FilterConfig filterConfig)
Called by the web container to indicate to a filter that it is being placed into service.


In doFilter() method, the following steps are executed.
  • When a client makes HTTP request to a resource, the servlet container checks whether it is associated with filter.
  • If yes, the filter’s doFilter method is called.
  • Inside doFilter() method we may intercept request object and may modify the same. After that we call doFilter() method of FilterChain object. Here it invokes next filter in chain. If no more filters are available, final resource (Servlet, JSP etc) is called.
  • The resource like Servlet or JSP process the request and send response back to client. This again is passed through doFilter method of filter object. All statements written after doFilter() method of chain object is executed again.
  • Finally the response is sent back to client
The skeleton of doFilter() method is given below.:
public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain)
                    throws IOException, ServletException{
      //preprocess statements for request/response objects
      ..................................................................
      ..................................................................     
      //call doFilter() of chain object, invoke next filter or resource     
      chain.doFilter (request, response);     
      //post-processing of request/response objects     
      ..................................................................
      ..................................................................
}




Comments

Post a Comment

Popular posts from this blog

Servlet Advantages and Disadvantages

Servlet Advantage 1.      Servlets provide a way to generate dynamic documents that is both easier to write and faster to run. 2.      provide all the powerfull features of JAVA, such as Exception handling and garbage collection. 3.      Servlet enables easy portability across Web Servers. 4.      Servlet can communicate with different servlet and servers. 5.      Since all web applications are stateless protocol, servlet uses its own API to maintain  session Servlet Disadvantage 1.      Designing in servlet is difficult and slows down the application. 2.      Writing complex business logic makes the application difficult to understand. 3.      You need a Java Runtime Environment on the server to run servlets. CGI is a completely language independent protocol, so you can write CGIs in whatever languages you have available (including Java if you want to). Advantages over CGI The advantages of using Servlets are their fast performance and ease of use combined
Read more

The Deployment Descriptor: web.xml

Image
Before I explain what a deployment descriptor is, we should first understand the web application directory structure WEB APPLICATION DIRECTORY STRUCTURE: A Web application contains a structure hierarchy of directories and files in a standard layout. Such a hierarchy can be accessed in its "unpacked" form, where each directory and file exists in the filesystem separately(This  format is more useful during development) , or in its "packed" WAR file(This format is used  when you distribute your application to be installed) . Any Web Application that is to be deployed in Tomcat has to conform to this directory structure. The format of the structure can be seen in the figure below: Web Application Directory Structure Application Root Directory   - This is the root directory of the Web Application. The name of this directory is named by the developer - for example the default context we created for this module was called "stud
Read more

Session Management

What is a session? A session is pretty much what it sounds, when a user makes a page request to the server, the server creates a temporary session to identify that user. So when that same user goes to another page on that site, the server identifies that user. So a session is a small and temporary unique connection between a server and the user enabling it to identify that user across multiple page requests or visits to that site. Why should a session be maintained? When there is a series of continuous request and response from a same client to a server, the server cannot identify from which client it is getting requests. Because HTTP is a stateless protocol. When there is a need to maintain the conversational state, session tracking is needed. For example, in a shopping cart application a client keeps on adding items into his cart using multiple requests. When every request is made, the server should identify in which client’s cart the item is to be added. So in this sc
Read more