Friday, 24 October 2014

Servlet Filter

Servlet Filter is a object inside web container, which is used to intercept the request and response before sending to server resource and browser.


In above diagram you can see that browser send the request to access the server request but in middle, Filter Object intercept the browser request and take action against the request and forward to server resource. Similarly Filter intercept in response also which is coming from Server Resource and take against it before sending to the browser.

Keeping Filter inside web container has various use-cases like(but use-case are not limited)-
  • User Authentication or Authorization-Blocking requests based on user identity.
  • Server load handle-Reject the request if server load is too much.
  • Logging and auditing -Tracking users of a web application
  • Data compression- Making downloads smaller.
  • Server Code Debug- Debug the server resource for performance tuning
In order to create the servlet filter, Filter interface (javax.servlet.Filter) need to be implemented.
Method decryption of Filter interface is given below-

void destroy()
          Called by the web container to indicate to a filter that it is being taken out of service.
 void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
          The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
FilterChain is an object provided by the servlet container to the developer giving a view into the invocation chain of a filtered request for a resource. Filters use the FilterChain to invoke the next filter in the chain, or if the calling filter is the last filter in the chain, to invoke the resource at the end of the chain. 
 void init(FilterConfig filterConfig)
          Called by the web container to indicate to a filter that it is being placed into service.
This filter configuration object used by a servlet container to pass information to a filter during initialization.

Let's take one example- whenever browser will send request along with allow parameter then only filter will allow to send request to the server otherwise it will reject.

MyServletFilter.java
 
package com.rkclass; 
import javax.servlet.*;
import java.io.IOException;


public class MyServletFilter implements Filter {

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain filterChain)
    throws IOException, ServletException {
 
       String myParam = request.getParameter("allow");

       if("allow".equals(myParam)){
          filterChain.doFilter(request, response);
       }
    }

    public void destroy() {
    }
}
 

 
Web.xml
 
<filter>
    <filter-name>myFilter</filter-name>
    <filter-class>com.rkclass.MyServletFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>myFilter</filter-name>
    <url-pattern>*.do</url-pattern>
</filter-mapping> 

No comments:

Post a Comment