You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Alexander Wallace <to...@rwsoft-online.com> on 2002/08/09 17:46:07 UTC

Problems with *


Hi there! New to the list. And to java and tomcat, so please be nice.

I have a problem with a servlet mapping. If i use a url-pattern like

<url-pattern>/Hello</url-pattern> on a servlet mapping pointing to a
particular servlet, the servlet get's the request and i can use
request.getServletPath() to get the URI.

But if I use something like <url-pattern>/*</url-pattern> or
<url-pattern>*</url-pattern>, and it seems that anyghing with an *, the
servlet get's called, BUT request.getServletPath() is empty!

What I want is to actually direct all requests to my webapp to a
particular servlet to validate priviledges (is this the best way to
ensure that noone without permission accesses any page?)

Thanks in advance for the help! 



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Problems with *

Posted by "Craig R. McClanahan" <cr...@apache.org>.

On 9 Aug 2002, Alexander Wallace wrote:

> Date: 09 Aug 2002 16:46:07 +0100
> From: Alexander Wallace <to...@rwsoft-online.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: Problems with <url-pattern>*
>
>
>
> Hi there! New to the list. And to java and tomcat, so please be nice.
>
> I have a problem with a servlet mapping. If i use a url-pattern like
>
> <url-pattern>/Hello</url-pattern> on a servlet mapping pointing to a
> particular servlet, the servlet get's the request and i can use
> request.getServletPath() to get the URI.
>
> But if I use something like <url-pattern>/*</url-pattern> or
> <url-pattern>*</url-pattern>, and it seems that anyghing with an *, the
> servlet get's called, BUT request.getServletPath() is empty!
>

If you use a "/*" mapping, you won't see anything in getServletPath(), but
check out getPathInfo() -- that's defined to give you "everything in the
request URI after the part that matched my servlet."  Because the part
that matched your servlet in this case is a zero-length string, you'll see
all the stuff you want.

> What I want is to actually direct all requests to my webapp to a
> particular servlet to validate priviledges (is this the best way to
> ensure that noone without permission accesses any page?)
>

You will soon find out that a servlet mapping is not what you want here.

Consider the case of a JSP page.  The "*.jsp" pattern is mapped to the JSP
servlet, but a "/*" mapping intercepts those requests, and there's no way
to get from here to there.

Your answer would be to use a Filter instead of a Servlet (requires a
servlet 2.3 container like Tomcat 4 or later).  You can map a Filter to
one or more URL patterns without interfering with which Servlet is
ultimately responsible for processing the request.  A Filter can do things
like inspect the request (or the appropriate session) and do things like
redirect if the user is not logged on (by doing a
RequestDispatcher.forwrd()) or passing the request through in the normal
case.

> Thanks in advance for the help!
>

Craig

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>