I want to develop my login开发者_JS百科 process on my app in a secure way. I used spring MVC 3 structure to dispatch the request related urls. My dispatcher servlet handle all request then my login controller maps required pages. I want to add my custom filter for login process (if user already exists, then welcome page appers otherwise an error page). It may be simple but I am new at spring world. I added my filter into web.xml then it is run. But my question is that how can I trig to my login controller inside of my filter. Is there a way of using dispatcher servlet and custom filter at same time, or my mind is just confused.
Please help me, Best regard
As with most thing in Spring, there are probabaly many ways of doing this. I like this one: DelegatingFilterProxy. Search for DelegatingFilterProxy in the Spring 3.0.x API
In your filter, check if the user is logged in. If they are not, redirect to your login page. Otherwise, pass the HttpServletRequest unchanged.
Also, Spring Secuirty is a handy tool for adding security to your web application (not only web).
This topic explains how to use DelegatingFilterProxy: http://forum.springsource.org/showthread.php?20230-Howto-The-joy-that-is-DelegatingFilterProxy
精彩评论