Servlet filtering provides a new type of object called
a filter that can transform a request or modify a response.
You can chain filters together so that a group of filters can act on the
input and output of a specified resource or group of resources.
Filters typically include logging filters, image conversion filters, encryption
filters, and Multipurpose Internet Mail Extensions (MIME) type filters (functionally
equivalent to the servlet chaining). Although filters are not servlets, their
life cycle is very similar.
Filters are handled in the following manner:
- The Web container determines whether it needs to construct a FilterChain
containing the LoggingFilter for the requested resource.
The FilterChain begins
with the invocation of the LoggingFilter and ends with the invocation
of the requested resource.
- If other filters need to go in the chain, the Web container places
them after theLoggingFilter and before the requested resource.
- The Web container then instantiates and initializes the LoggingFilter (if
it was not done previously) and invokes its doFilter(FilterConfig) method
to start the chain.
- The LoggingFilter preprocesses the request and response objects
and then invokes the filter chain doFilter(ServletRequest, ServletResponse)
method.
This method passes the processing to the next resource in the
chain, the requested resource.
- Upon return from the filter chain doFilter(ServletRequest, ServletResponse) method,
the LoggingFilter performs post-processing on the request and response
object before sending the response back to the client.
For transitioning users: Java™ Servlet
Specification 2.4 enables you to define a new
<dispatcher> element
in the deployment descriptor with possible values such as REQUEST, FORWARD,
INCLUDE, ERROR, instead of invoking filters with RequestDispatcher.
trns
For example:
<filter-mapping>
<filter-name>Logging Filter</filter-name>
<url-pattern>/products/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
This indicates that the filter should be applied
to requests directly from the client as well as forward requests. Adding the
INCLUDE and ERROR values also indicates that the filter should additionally
be applied for included requests and
<error-page> requests.
If you do not specify any <dispatcher> elements, then the default is
REQUEST.
Filter, FilterChain, FilterConfig classes for servlet filtering
The
following interfaces are defined as part of the javax.servlet package:
- Filter interface - methods: doFilter, getFilterConfig, setFilterConfig
- FilterChain interface - methods: doFilter
- FilterConfig interface - methods: getFilterName, getInitParameter, getInitParameterNames,
getServletContext
The following classes are defined as part of the javax.servlet.http
package:
- HttpServletRequestWrapper - methods: See the Servlet 2.4 Specification
- HttpServletResponseWrapper - methods: See the Servlet 2.4 Specification