Servlet Filter going in infinite loop when FORWARD used in mapping in JSF

Question

I have a filter defined in web.xml like following:-

    AuthenticationFilter
    

        

Answer 1

Theory:

1. Topics.jsp requires validation, so a redirect is made to LogIn.jsf.

2. LogIn.jsf is served by the FacesServlet. But the page that is containg the faces is really a jsp page. So the servlet mades a forward to the LogIn.jsp (the page that builds the component tree).

3. In your filter, the path is LogIn.jsp and you don't validate a request for LogIn.jsp so you ask for authentication and a redirect to LogIn.jsf is made again. Go to step 2.

So if you remove , the forwarding of the FacesServlet from LogIn.jsf to LogIn.jsp doesn't enter in the loop.

Quick solution: Add LogIn.jsp to the list of path infos in your if statement.

Answer 2

First of all, why do you want to hook on forward/include/error dispatchings as well next to the (default) global and all-covering request?

Get rid of all those <dispatcher> lines in your filter mapping. You don't need any of them for an authentication filter. The HTTP requests are the only which counts. The internal forward/include/error dispatchings can only take place when the HTTP request has already been arrived (and filtered).

Also, instead of this check on the request URI, you can also map the filter on a more specific <url-pattern> like /secured/* or so and put all pages which require a login over there and put the register and login page outside.