Java Code House: Session Filter for session tracking

Today I will show you how you can use the power of filters to do session tracking. We will create a special type of filter here that will do session tracking. You people must have experienced that when you visit some websites(like facebook,twitter etc) you cannot access all the pages until you are logged in. Today we will implement this feature. We will write a session filter that checks for a certain attribute in the session object to see whether the user is already logged in or not. If the user is logged in then he can access those pages otherwise will be redirected to the home page. Here the filter will act as a phantom and intercept the request and according to that send the response.
Here we will consider that as soon as the user logs in a attribute named "user" is set with object of some User class that contains all user details using methods getSession(false) and getAttribute(). So we will test whether taht attribute exists or not. If it exists then he will be able to access the requested page, otherwise will be redirected to login page using sendRedirect().
--------------------------------------------------------------------------------------------------------------------------

Java Source Code

--------------------------------------------------------------------------------------------------------------------------
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionFilter implements Filter {

public void destroy() {
System.out.println("SessionFilter destroyed");
}

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest)request; //casting
HttpServletResponse res=(HttpServletResponse)response;
HttpSession session=req.getSession(false); //getting session object
if(session!=null){
Object usr=session.getAttribute("user"); //getting attribute
if(usr==null){ //if its null then not logged in
System.out.println("Invalid Session");
res.sendRedirect("./login.jsp"); //redirecting to login page
}
else
chain.doFilter(req, res); //permitting to access if logged in
}
else
res.sendRedirect("./login.jsp"); //redirecting if no session object
}

public void init(FilterConfig fConfig) throws ServletException {
System.out.println("SessionFilter initialized");
}
}

NOTE : If you are using servlet 3.0 then mention the url's for which you want to add this filter using WebFilter annotation. But if you are using Servlet2.5 then use the <filter-mapping> tag in web.xml to map this filter to url's. So depending on your web-app use the different way you want , so I am not mentioning it in my code.

--------------------------------------------------------------------------------------------------------------------------

Download Links

--------------------------------------------------------------------------------------------------------------------------

DOWNLOAD the source from Mediafire

DOWNLOAD the source from 4shared

Java Code House

Deals anything related to Java

Session Filter for session tracking

0 comments:

Post a Comment

Total Pageviews

Followers

Labels

Popular Posts

Links

Blog Archive

About Me