Intercepting request in servlet filter and conditionally return response to sender
I need help with servlet filters.
At the moment we have ChangePassword servlet for Oracle SSO. I want to intercept any call to this servlet and try to return response back to sender (change password jsp) if my check fails. Additionally if all my checks are OK I’ll pass the request to the ChangePassword servlet. One of requirements for this filter is to preserve original parameters and resend them back to initial jsp page if any of my checks fails.
Current doFilter method is:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException,
ServletException {
// __TB__ 2009_11_06 added for customization
String str_old_password = null;
String str_new_password = null;
String str_new_password_confirm = null;
String str_action = null;
String str_user = request.getParameterValues("p_username")[0];
// __TB__ 2009_11_06 added for customization
// Get the old password value
try {
str_old_password = request.getParameterValues("p_old_password")[0];
} catch (Exception e) {
str_old_password = "";
logger.error("Problem s dohvaćanjem starog passworda za username: " +
str_user);
throw new IOException();
}
// Get the new password
try {
str_new_password = request.getParameterValues("p_new_password")[0];
} catch (Exception e) {
str_new_password = "";
logger.error("Problem s dohvaćanjem novog passworda za username: " +
str_user);
throw new IOException();
}
// Get the new password confrimantion string
try {
str_new_password_confirm =
request.getParameterValues("p_new_password_confirm")[0];
} catch (Exception e) {
str_new_password_confirm = "";
logger.error("Problem s dohvaćanjem potvrde novog passworda za username: " +
str_user);
throw new IOException();
}
// Get the action string
try {
str_action = request.getParameterValues("p_action")[0];
} catch (Exception e) {
str_action = "OK";
}
if (logger.isDebugEnabled()) {
logger.debug("Ulazak u RuPassFilter-doFilter za username: " +
str_user);
}
// Prevent update if passwords are not equal and action is not equal OK
if (str_new_password.toString().equals(str_new_password_confirm.toString()) &&
str_action.equals("OK")) {
try {
if (logger.isDebugEnabled()) {
logger.debug("Novi password i njegova potvrda odgovaraju jedno drugom za username: " +
str_user);
}
//Run update and on any exception pass request to password change servlet except on MyException
MyChecker mc = new MyChecker();
if (logger.isDebugEnabled()) {
logger.debug("Poziv check metode u RuPassFilter-u za username: " +
str_user);
}
mc.check (str_user, str_old_password, str_new_password,
_filterConfig.getServletContext());
if (logger.isDebugEnabled()) {
logger.debug("Odrađena check metoda u RuPassFilter-u za username: " +
str_user);
}
//pass to servlet
chain.doFilte开发者_JS百科r(request, response);
} catch (UtilException ue) {
logger.error("Dogodio se UtileException za username: " +
str_user);
logger.error(ue.getLocalizedMessage());
chain.doFilter(request, response);
} catch (NamingException ne) {
logger.error("Dogodio se NamingException za username: " +
str_user);
logger.error(ne.getLocalizedMessage());
chain.doFilter(request, response);
} catch (IOException ioe) {
logger.error("Dogodio se IOException u RuPassFilter-u za username: " +
str_user);
logger.error(ioe.getLocalizedMessage());
throw ioe;
} catch (MyException me) {
logger.error("Dogodio se MyException u RuPassFilter-u za username: " +
str_user);
logger.error(me.getLocalizedMessage());
//!!!!!!!!!!!!
// At this point I need return response back to sender !!!!!!!!!!!!
//!!!!!!!!!!!!!
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("Passwordi ne odgovraju jedna drugom ili je action različit od OK u RuPassFilter-u za username: " +
str_user);
}
//!!!!!!!!!!!!
// At this point I need return response back to sender !!!!!!!!!!!!
//!!!!!!!!!!!!!
}
// Everything is OK
chain.doFilter(request, response);
}
MyCheck.check method throws MyException if any of my check fails.
Our J2EE server is OC4J in version: 10.1.2.0.2
You can use RequestDispatcher
RequestDispatcher rd = request.getRequestDispatcher("path_for_initial_jsp_page");
try{
MyCheck.check();
}catch(MyException me){
logger.error(me.getLocalizedMessage());
rd.include(request, response);
}
RequestDispatcher.forward(): Once you forward the request from say Servlet A to any other Servlet/JSP control gets transferred from Servlet A to forwarded patrty & it never returns back to A for that request.
RequestDispatcher.include(): In include what you are doing is if Servlet A(Above example) is including the response of other Servlet/JSP(say B or B.jsp) so momentarily Control goes to B or B.jsp (they will genrate the response) control comes back to A & generated response is added in A's Response.
精彩评论