mixing static html pages and JSPs

I ran into something that I never thought of before and it stumped me.

I have a site done using servlets and JSPs. There is an auth mechanism that works well and is much liked. There is now the need to add a static directory containing static HTML pages under the same umbrella. The requirement is that these pages should not be converted to JSPs and I should also use the same auth session as the JSPs do. In other words people should not be able to access the static pages without authenticating using the same credentials as the JSP site.

I am not sure quite how to do this as Filters only come into the picture if its a JSP or servlet isn't it? I also do not want a special configuration in the WebServer for this directory as that would make it go开发者_JS百科 outside the realm of the original auth session I am trying to use.

Any pointers on how to achieve this?

Thanks, - Pav

---

I am not sure quite how to do this as Filters only come into the picture if its a JSP or servlet isn't it?

This is not true. If the files are served by the same webapp/servletcontainer, then you can perfectly use a Filter for this. They intercepts on all kinds of requests matching the specified url-pattern regardless of the target type. Just let it as well listen on an url-pattern matching the static content. E.g. /static/* whereby you drop all the static content in a folder called /static. Or if you already have a Filter listening on /*, it will be invoked as well.