servlet filter skipping problem? - Programmers Heaven

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

servlet filter skipping problem?

vijendra_makervijendra_maker Posts: 2Member
I am trying to skip going through filter in my code if certain condition met(i.e. rss.xml or rss.rdf)
But after doing all kind of R&d i am unable to make it.
My tried code is mentioned below.
any modifications suggested.

if(totaluri.endsWith("rss.rdf") && auth_string==null){
in this line i am trying to make this but it always gpes to
if(auth_string==null){
where authecation is must.
My ultimate goal is to read rss.xml/rdf in rs reader which is present outside the program.
where i can't pass username and password stuff.

public void doFilter(ServletRequest request, ServletResponse servletresponse, FilterChain chain)
throws IOException, ServletException {
// Create wrappers for the request and response objects.
// Using these, you can extend the capabilities of the
// request and response, for example, allow setting parameters
// on the request before sending the request to the rest of the filter chain,
// or keep track of the cookies that are set on the response.
//
// Caveat: some servers do not handle wrappers very well for forward or
// include requests.

HttpServletRequest hsr=(HttpServletRequest)request;
HttpServletResponse response=(HttpServletResponse)servletresponse;

HttpSession hs=hsr.getSession();

String auth_string=(String)hs.getAttribute("Authentication");

String contextpath=hsr.getContextPath();
String querystring=hsr.getQueryString();

String host_address=getHostAddress(hsr);
String totaluri=hsr.getRequestURI()+querystring;
totaluri=totaluri.replaceAll("//","/");

if(totaluri.endsWith("rss.rdf") && auth_string==null){
hs.setAttribute("Authentication", "Validating");
hs.setAttribute("uri",totaluri);

response.setContentType("text/html");
response.setHeader("Cache-Control","no-cache");//For HTTP 1.1
response.setHeader("Pragma","no-cache"); //For HTTP 1.0
response.setDateHeader ("Expires", -1);

PrintWriter pw=response.getWriter();
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("document.g.glink.value = document.g.glink.value ;");
pw.println("");
pw.println("");
pw.println("");
pw.close();
return;
}

else if(auth_string==null) {
hs.setAttribute("Authentication", "Validating");
String context_path=hsr.getContextPath();
String query_string=hsr.getQueryString();
if(query_string == null)
query_string="";
else
query_string="?"+query_string;

String hostaddress=getHostAddress(hsr);
String total_uri=hsr.getRequestURI()+query_string;
total_uri=total_uri.replaceAll("//","/");

hs.setAttribute("uri",total_uri);

response.setContentType("text/html");
response.setHeader("Cache-Control","no-cache");//For HTTP 1.1
response.setHeader("Pragma","no-cache"); //For HTTP 1.0
response.setDateHeader ("Expires", -1);

PrintWriter pw=response.getWriter();
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("");
pw.println("document.g.glink.value = document.g.glink.value ;");
pw.println("");
pw.println("");
pw.println("");
pw.close();
return;

} else if(auth_string.equals("Validated")) {
String username=(String)hs.getAttribute("USERNAME");
RequestWrapper wrappedRequest = new RequestWrapper((HttpServletRequest)request, username);
chain.doFilter(wrappedRequest, response);
} else if(auth_string.equals("Validating") && hsr.getRequestURI().replaceAll("//","/").equals(new String(hsr.getContextPath()+"/LoginServlet").replaceAll("//", "/")))
{
chain.doFilter(request,response);
} else {
response.setContentType("text/html");
PrintWriter pw=response.getWriter();
pw.println("");
pw.println("");
pw.println("Authentication failed.. Please try again. If it does not work, please close your browser and try again");
pw.println("");
pw.println("");
pw.close();
return;
}
}



thanks
vijendra

Comments

  • zibadianzibadian Posts: 6,349Member
    : I am trying to skip going through filter in my code if certain condition met(i.e. rss.xml or rss.rdf)
    : But after doing all kind of R&d i am unable to make it.
    : My tried code is mentioned below.
    : any modifications suggested.
    :
    : if(totaluri.endsWith("rss.rdf") && auth_string==null){
    : in this line i am trying to make this but it always gpes to
    : if(auth_string==null){
    : where authecation is must.
    : My ultimate goal is to read rss.xml/rdf in rs reader which is present outside the program.
    : where i can't pass username and password stuff.
    :
    : public void doFilter(ServletRequest request, ServletResponse servletresponse, FilterChain chain)
    : throws IOException, ServletException {
    : // Create wrappers for the request and response objects.
    : // Using these, you can extend the capabilities of the
    : // request and response, for example, allow setting parameters
    : // on the request before sending the request to the rest of the filter chain,
    : // or keep track of the cookies that are set on the response.
    : //
    : // Caveat: some servers do not handle wrappers very well for forward or
    : // include requests.
    :
    : HttpServletRequest hsr=(HttpServletRequest)request;
    : HttpServletResponse response=(HttpServletResponse)servletresponse;
    :
    : HttpSession hs=hsr.getSession();
    :
    : String auth_string=(String)hs.getAttribute("Authentication");
    :
    : String contextpath=hsr.getContextPath();
    : String querystring=hsr.getQueryString();
    :
    : String host_address=getHostAddress(hsr);
    : String totaluri=hsr.getRequestURI()+querystring;
    : totaluri=totaluri.replaceAll("//","/");
    :
    : if(totaluri.endsWith("rss.rdf") && auth_string==null){
    : hs.setAttribute("Authentication", "Validating");
    : hs.setAttribute("uri",totaluri);
    :
    : response.setContentType("text/html");
    : response.setHeader("Cache-Control","no-cache");//For HTTP 1.1
    : response.setHeader("Pragma","no-cache"); //For HTTP 1.0
    : response.setDateHeader ("Expires", -1);
    :
    : PrintWriter pw=response.getWriter();
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("document.g.glink.value = document.g.glink.value ;");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.close();
    : return;
    : }
    :
    : else if(auth_string==null) {
    : hs.setAttribute("Authentication", "Validating");
    : String context_path=hsr.getContextPath();
    : String query_string=hsr.getQueryString();
    : if(query_string == null)
    : query_string="";
    : else
    : query_string="?"+query_string;
    :
    : String hostaddress=getHostAddress(hsr);
    : String total_uri=hsr.getRequestURI()+query_string;
    : total_uri=total_uri.replaceAll("//","/");
    :
    : hs.setAttribute("uri",total_uri);
    :
    : response.setContentType("text/html");
    : response.setHeader("Cache-Control","no-cache");//For HTTP 1.1
    : response.setHeader("Pragma","no-cache"); //For HTTP 1.0
    : response.setDateHeader ("Expires", -1);
    :
    : PrintWriter pw=response.getWriter();
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.println("document.g.glink.value = document.g.glink.value ;");
    : pw.println("");
    : pw.println("");
    : pw.println("");
    : pw.close();
    : return;
    :
    : } else if(auth_string.equals("Validated")) {
    : String username=(String)hs.getAttribute("USERNAME");
    : RequestWrapper wrappedRequest = new RequestWrapper((HttpServletRequest)request, username);
    : chain.doFilter(wrappedRequest, response);
    : } else if(auth_string.equals("Validating") && hsr.getRequestURI().replaceAll("//","/").equals(new String(hsr.getContextPath()+"/LoginServlet").replaceAll("//", "/")))
    : {
    : chain.doFilter(request,response);
    : } else {
    : response.setContentType("text/html");
    : PrintWriter pw=response.getWriter();
    : pw.println("");
    : pw.println("");
    : pw.println("Authentication failed.. Please try again. If it does not work, please close your browser and try again");
    : pw.println("");
    : pw.println("");
    : pw.close();
    : return;
    : }
    : }
    :
    :
    :
    : thanks
    : vijendra
    :
    This if-statement:
    [code]
    if(totaluri.endsWith("rss.rdf") && auth_string==null)
    [/code]
    is evaluated as follows:
    First it evaluates the endsWith(). Then it performs a logical AND between the result of endsWith() and the auth_string object. Finally it compares that boolean value with the null value. This comparison is always false.
    Solution: Place brackets to force the statement to first check the result of endsWith() and the result of the auth_string==null. Then combine them with the logical &&.
Sign In or Register to comment.