Solution, basically you need your own filter class and define the URL exception as init-param for the filter
package test; import java.io.IOException; import java.util.ArrayList; import java.util.List; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginValidationFilter implements Filter { private String loginPage = ""; private List<String> excludedURLs; public void init(FilterConfig filterConfig) throws ServletException { this.loginPage = filterConfig.getInitParameter("loginPage"); String[] excluded = filterConfig.getInitParameter("excludedURLs").split(";"); excludedURLs = new ArrayList<String>(); for (int i = 0; i < excluded.length; i++) { excludedURLs.add(excluded[i]); } } public void destroy() { this.loginPage = ""; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest httpRequest = request instanceof HttpServletRequest ? (HttpServletRequest) request : null; HttpServletResponse httpResponse = response instanceof HttpServletResponse ? (HttpServletResponse) response : null; if (httpRequest == null || httpResponse == null) { filterChain.doFilter(request, response); return; } boolean isExcludedURL = false; for (int i = 0; i < excludedURLs.size(); i++) { if (httpRequest.getRequestURL().indexOf(excludedURLs.get(i)) > -1) { isExcludedURL = true; break; } } if (isExcludedURL) { filterChain.doFilter(request, response); } else { if (UserUtil.validateUserLogin(httpRequest)) { filterChain.doFilter(request, response); } else { httpResponse.sendRedirect(httpRequest.getContextPath() + loginPage); } } } }
And define filters, matching, and exclude URLs in web.xml
<filter> <filter-name>LoginValidationFilter</filter-name> <filter-class>test.LoginValidationFilter</filter-class> <init-param> <param-name>loginPage</param-name> <param-value>/login.jsp</param-value> </init-param> <init-param> <param-name>excludedURLs</param-name> <param-value>/admin/;/assets/;/content/;/css/;/js/;/login.jsp;/login.cmd;/logout.cmd;forgot_password.jsp;pageName=</param-value> </init-param> </filter> <filter-mapping> <filter-name>LoginValidationFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
softskin
source share