You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Melcy Mahesh <me...@yahoo.com> on 2003/04/18 11:43:16 UTC
Authentication Filters
Hi, I have written an Authentication Filter to check if the user is authenticated before accessing any web-page in my application. My filter mapping is as follows. <filter-mapping> <filter-name>Authentication Filter</filter-name> <url-pattern>/*</url-pattern></filter-mapping> The functionality of the filter works fine.(Redirecting to the Logon page, when the user is not authenticated) But, I notice that the filter.dofilter() is executed for every image(*.gif) that I have on my web-page. 1. Could someone please help me to understand why is that the filter gets executed for images, as though it is a new request?2. None of the images are displayed on my screen. Why is it?3. Is there a way to modify my url-pattern so that the filter is not executed for my images on the screen? Thanks,Melcy
---------------------------------
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
RE: Authentication Filters
Posted by mike jackson <mj...@cdi-hq.com>.
1) You told it. Any file that is accessed is going to be checked. Not
just the first file requested. I'm going to go out on a limb and say
that perhaps you need to do some reading of how img tags work. The html
page is one request, *each* img tag is another request to the web
server. It may only use one socket connection and stream all of the
requests through that one socket, but each file is treated separately.
2) Ok, then the filter isn't allowing access for some reason. Hopefully
you have a log that you can look at to determine why your filter choose
to not all access to the gifs.
3) Add a ".<extension>" to the url pattern, in other works like this:
<url-pattern>/*.jsp</url-pattern>
What you might want to consider is building a list of files that are to
be protected, and re-write the filter to allow access to the resource
unless it's in the list of files. That way you can still use the url
pattern which specifies any file, but only protect certain files.
--mikej
-=------
mike jackson
mjackson@cdi-hq.com
> -----Original Message-----
> From: Melcy Mahesh [mailto:melcymahesh@yahoo.com]
> Sent: Friday, April 18, 2003 1:43 AM
> To: Tomcat
> Subject: Authentication Filters
>
> Hi, I have written an Authentication Filter to check if the user is
> authenticated before accessing any web-page in my application. My
filter
> mapping is as follows.
>
> <filter-mapping>
> <filter-name>AuthenticationFilter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
> The functionality of the filter works fine.(Redirecting to the Logon
page,
> when the user is not authenticated) But, I notice that the
> filter.dofilter() is executed for every image(*.gif) that I have on my
> web-page. 1. Could someone please help me to understand why is that
the
> filter gets executed for images, as though it is a new request?2.
None of
> the images are displayed on my screen. Why is it?3. Is there a way to
> modify my url-pattern so that the filter is not executed for my images
on
> the screen? Thanks,Melcy
>
>
> ---------------------------------
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Localhost won't bring up Tomcat page
Posted by Allan Quartly <al...@kooee.com.au>.
Hi
I'm trying to install Tomcat on a Win98 SE machine to learn some JSP. I
think I have it installed and set up properly. I get:
Using CATALINA_BASE: c:\tomcat
Using CATALINA_HOME: c:\tomcat
Using CATALINA_TMPDIR: c:\tomcat\temp
Using JAVA_HOME: c:\java\jdk1.3.1
But when I open a browser and type in http://localhost or
http://localhost:8080 I get the usual cannot find page message.
This may not be linked but shutdown doesn't work, I have to close it by
clicking on the x. Also, it doesn't startup from DOS, says:
Out of environment space
Cannot find
This file is needed to run this program
I also have Apache installed, if that makes a difference.
Thanks in advance.
allan
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Authentication Filters
Posted by Jacob Kjome <ho...@visi.com>.
Seems to me you'd want to do a filter mapping to *.jsp or whatever types of
files you want to protect. Or, you could just check the mime-type in the
filter and bypass the logic for mime-types such as image/gif, image/jpeg,
etc....
Jake
At 02:43 AM 4/18/2003 -0700, you wrote:
>Hi, I have written an Authentication Filter to check if the user is
>authenticated before accessing any web-page in my application. My filter
>mapping is as follows. <filter-mapping> <filter-name>Authentication
>Filter</filter-name> <url-pattern>/*</url-pattern></filter-mapping>
>The functionality of the filter works fine.(Redirecting to the Logon page,
>when the user is not authenticated) But, I notice that the
>filter.dofilter() is executed for every image(*.gif) that I have on my
>web-page. 1. Could someone please help me to understand why is that the
>filter gets executed for images, as though it is a new request?2. None of
>the images are displayed on my screen. Why is it?3. Is there a way to
>modify my url-pattern so that the filter is not executed for my images on
>the screen? Thanks,Melcy
>
>
>---------------------------------
>Do you Yahoo!?
>The New Yahoo! Search - Faster. Easier. Bingo.