You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Arieh Markel <Ar...@Central.Sun.COM> on 2000/03/07 00:11:45 UTC
Adding a new RequestInterceptor
I am now at a point where I have updated our web-related classes to
take advantage of the 3.1M2 API.
I would like to do the following:
a. add an interceptor that behaves in a manner similar to
SessionInterceptor
b. It verifies that our own session-scheme (a pseudo-URL-rewriting)
is addressed on the request.
c. If no session has been set, redirection will occur to the
required 'login' page.
My question to the experts is as follows:
. is an interceptor able to rewrite/modify the request object ?
. is a RequestDispatcher.forward() an appropriate solution
Arieh
--
Arieh Markel Sun Microsystems Inc.
Network Storage 500 Eldorado Blvd. MS UBRM11-194
e-mail: arieh.markel@sun.COM Broomfield, CO 80021
Let's go Panthers !!!! Phone: (303) 272-8547 x78547
(e-mail me with subject SEND PUBLIC KEY to get public key)
Re: Adding a new RequestInterceptor
Posted by co...@eng.sun.com.
> . is an interceptor able to rewrite/modify the request object ?
Yes.
> . is a RequestDispatcher.forward() an appropriate solution
I don't think so - not at interceptor level, RD is a bit too high level.
The simplest thing you can do is just replace the handler ( servlet ) with
your own servlet.
If you want to redirect to a html page or something that is not a servlet
just create a servlet that will redirect ( either send a redirect reply or
just call RequestDispatcher.forward() ).
Take a look at SecurityCheck and form-based login - it's very similar.
We should keep the 2 levels separated ( i.e. Servlet and Tomcat internal),
and the alghoritm used for Interceptors should remain simple - the
interceptors will fill-in Request/Response with aditional info or change
existing objects. In this case you'll change the handler.
( that's how all apache modules work too - the change
request_rec->handler)
Costin