Comments on: Tutorial: HTTP Session handling using Servlet Filters http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html Tutorials, Java, J2EE, Struts, AJAX, JavaScript, CSS, Web 2.0, MySQL, Articles Wed, 17 Mar 2010 06:28:28 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Viral Patel http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-12187 Viral Patel Tue, 23 Feb 2010 18:41:35 +0000 http://viralpatel.net/blogs/?p=798#comment-12187 @Chandra: The above example will work for you in any case. i.e. it will work for JSPs, Servlets or Struts2 as well. Filters are available for both servlets and JSPs because we have mapped /* url with filter SessionFilter. @Chandra: The above example will work for you in any case. i.e. it will work for JSPs, Servlets or Struts2 as well. Filters are available for both servlets and JSPs because we have mapped /* url with filter SessionFilter.

]]> By: Chandra http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-12186 Chandra Tue, 23 Feb 2010 17:53:16 +0000 http://viralpatel.net/blogs/?p=798#comment-12186 Hi Viral, Can we do the same thing..i.e when user copy paste the URL in new window, he must be redirected to Login page using JSPs. I am using Struts 2.0 framework. I am not using servlets. Filters are available for servlets only or for JSPs also? TIA Hi Viral,

Can we do the same thing..i.e when user copy paste the URL in new window, he must be redirected to Login page using JSPs. I am using Struts 2.0 framework. I am not using servlets. Filters are available for servlets only or for JSPs also?

TIA

]]> By: Selvanayagam http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11658 Selvanayagam Tue, 17 Nov 2009 05:15:37 +0000 http://viralpatel.net/blogs/?p=798#comment-11658 I have a problem After the session expires. the user is asked to relogin. When he relogins he must be redirected to the page the where the session expired. I please to send me your reply to mail id. I am waiting for your reply thanks in advance I have a problem

After the session expires. the user is asked to relogin. When he relogins
he must be redirected to the page the where the session expired. I please to send me your
reply to mail id. I am waiting for your reply

thanks in advance

]]> By: Keith http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11608 Keith Mon, 09 Nov 2009 18:39:43 +0000 http://viralpatel.net/blogs/?p=798#comment-11608 Hello Viral, Thank you for this tutorial it's been very useful. Is there a way to send the user to the page they've selected when the session expired? What I have done is to store the selected link as an attribute and tried to alter the response by setting it as the string of the response.sendRedirect but this isn't working for me. Do you have any advice as to how I might be able to achieve this? Thanks. Hello Viral,

Thank you for this tutorial it’s been very useful. Is there a way to send the user to the page they’ve selected when the session expired?

What I have done is to store the selected link as an attribute and tried to alter the response by setting it as the string of the response.sendRedirect but this isn’t working for me. Do you have any advice as to how I might be able to achieve this?

Thanks.

]]> By: Keith http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11571 Keith Fri, 30 Oct 2009 15:25:47 +0000 http://viralpatel.net/blogs/?p=798#comment-11571 When my session expires it's not making it to the filter? Any idea of what I might be missing that is causing this to happen? When my session expires it’s not making it to the filter? Any idea of what I might be missing that is causing this to happen?

]]> By: Viral Patel http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11568 Viral Patel Fri, 30 Oct 2009 13:57:50 +0000 http://viralpatel.net/blogs/?p=798#comment-11568 Hi daniel, Thanks for sharing useful link. Hi daniel, Thanks for sharing useful link.

]]> By: daniel http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11560 daniel Thu, 29 Oct 2009 12:35:46 +0000 http://viralpatel.net/blogs/?p=798#comment-11560 I had the problem with “Cannot create a session after the response has been committed” when using filter and JSF. The solution was to do a requestDispatcher.forward instead of response.sendRedirect. Look here: http://javaboutique.internet.com/tutorials/Servlet_Filters/redirect.html I had the problem with “Cannot create a session after the response has been committed” when using filter and JSF.
The solution was to do a requestDispatcher.forward instead of response.sendRedirect.
Look here:
http://javaboutique.internet.com/tutorials/Servlet_Filters/redirect.html

]]> By: FlorianR http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-11511 FlorianR Fri, 16 Oct 2009 10:43:58 +0000 http://viralpatel.net/blogs/?p=798#comment-11511 Hi dod, you've got an error in line 34, please remove the semicolon. Additionally i get the "Cannot create a session after the response has been committed"-message, too, although i don't put anything in out?! Any idea? -------------- public class SessionFilter implements Filter { private ArrayList urlList; private int totalURLS; public void destroy() { } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; String url = request.getServletPath(); boolean noSessionNeeded = false; for(int i=0; i<totalURLS; i++) { String pattern=urlList.get(i); if(url.contains(pattern)) { noSessionNeeded = true; break; } } if (!noSessionNeeded) { HttpSession session = request.getSession(false); boolean exists=(session!=null); boolean isNew=session.isNew(); if(!exists) response.sendRedirect("index.jsp"); if(isNew) response.sendRedirect("index.jsp"); } chain.doFilter(req, res); } public void init(FilterConfig config) throws ServletException { String urls = config.getInitParameter("noSessionNeeded"); StringTokenizer token = new StringTokenizer(urls, ","); urlList = new ArrayList(); while (token.hasMoreTokens()) { urlList.add(token.nextToken()); } totalURLS = urlList.size(); } } Hi dod,

you’ve got an error in line 34, please remove the semicolon.
Additionally i get the “Cannot create a session after the response has been committed”-message, too, although i don’t put anything in out?!

Any idea?

————–
public class SessionFilter implements Filter {
private ArrayList urlList;
private int totalURLS;

public void destroy() {
}

public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String url = request.getServletPath();
boolean noSessionNeeded = false;

for(int i=0; i<totalURLS; i++) {
String pattern=urlList.get(i);
if(url.contains(pattern)) {
noSessionNeeded = true;
break;
}
}

if (!noSessionNeeded) {
HttpSession session = request.getSession(false);
boolean exists=(session!=null);
boolean isNew=session.isNew();
if(!exists) response.sendRedirect("index.jsp");
if(isNew) response.sendRedirect("index.jsp");
}

chain.doFilter(req, res);
}

public void init(FilterConfig config) throws ServletException {
String urls = config.getInitParameter("noSessionNeeded");
StringTokenizer token = new StringTokenizer(urls, ",");

urlList = new ArrayList();

while (token.hasMoreTokens()) {
urlList.add(token.nextToken());

}
totalURLS = urlList.size();
}
}

]]> By: Viral Patel http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-7842 Viral Patel Thu, 28 May 2009 15:35:09 +0000 http://viralpatel.net/blogs/?p=798#comment-7842 Nice to see that your error got resolved :-) I think the code HttpSession session = request.getSession(); needs to be replaced with HttpSession session = request.getSession(false); otherwise everytime a new session will get created. Nice to see that your error got resolved :-)
I think the code HttpSession session = request.getSession(); needs to be replaced with HttpSession session = request.getSession(false); otherwise everytime a new session will get created.

]]> By: dod http://viralpatel.net/blogs/2009/02/http-session-handling-tutorial-using-servlet-filters-session-error-filter-servlet-filter.html/comment-page-1#comment-7841 dod Thu, 28 May 2009 15:26:47 +0000 http://viralpatel.net/blogs/?p=798#comment-7841 Ok, so the code seems to be working public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; String url = request.getServletPath(); String contextPath = request.getContextPath(); boolean allowedRequest = false; for(int i=0; i<totalURLS; i++) { if(url.contains(urlList.get(i))) { allowedRequest = true; break; } } if (!allowedRequest) { HttpSession session = request.getSession(); if (null == session) { response.sendRedirect(contextPath+"/jsp/loginError.jsp"); }else{ String logged = (String) session.getAttribute("logged-in"); if (logged == null){ response.sendRedirect(contextPath+"/jsp/loginError.jsp"); }else{ chain.doFilter(request, response); } } } else{ chain.doFilter(request, response); } } Ok, so the code seems to be working

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;

String url = request.getServletPath();
String contextPath = request.getContextPath();
boolean allowedRequest = false;

for(int i=0; i<totalURLS; i++) {
if(url.contains(urlList.get(i))) {
allowedRequest = true;
break;
}
}
if (!allowedRequest) {
HttpSession session = request.getSession();
if (null == session) {
response.sendRedirect(contextPath+”/jsp/loginError.jsp”);
}else{
String logged = (String) session.getAttribute(“logged-in”);
if (logged == null){
response.sendRedirect(contextPath+”/jsp/loginError.jsp”);
}else{
chain.doFilter(request, response);
}
}
} else{
chain.doFilter(request, response);
}

}

]]>