Monday, December 29, 2014

Having trouble implementing Filter interface for validation


What m doing is.

Whenever a user successfully logs in to my web application its sets the loggedUserType attribute as the student or teacher.

Now i want that some pages should be available to teacher only

so for this m using filters

This is my code for filter



Java Code:



package ankit;
import javax.servlet.Filter;
import javax.servlet.http.*;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import java.io.IOException;
import javax.servlet.ServletException;

public class SessionCheckFilter implements Filter {

private String contextPath,userType;

public void init(FilterConfig fc) throws ServletException {
contextPath = fc.getServletContext().getContextPath();
}

public void doFilter(ServletRequest request, ServletResponse response, FilterChain fc) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
userType = String.parseString(req.getSession().getAttribute("loggedUserType"));
if (req.getSession().getAttribute("loggedUserType") == null) { //checks if there's a loggedUserType set in session...
res.sendRedirect("http://localhost:8080/vt/index.jsp"); //or page where you want to redirect
} else {
System.out.println("Inside Filter="+userType);
if (!userType.equals("teacher")){ //check if user type is not teacher
res.sendRedirect("http://localhost:8080/vt/index.jsp"); //or page where you want to
}
// This if part is always executed even though the value of userType is teacher.
fc.doFilter(request, response);
}
}

public void destroy() {
}
}

This is web.xml file content for filter mapping


Java Code:



<filter>
<filter-name>SessionCheckFilter</filter-name>
<filter-class>ankit.SessionCheckFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionCheckFilter</filter-name>
<url-pattern>/teacher.jsp</url-pattern> <!-- url from where you implement the filtering -->
</filter-mapping>

i want that only user with loggerUserType attribute as teacher should be allowed to view /teacher.jsp page

but in my case even teacher are being redirected to home page i.e. index.jsp

Whats wrong in my code?

can anyone please help me



No comments:

Post a Comment