Custom Filter not being invoked

denishpatel1981 · June 21, 2024, 5:49am

Hello,

I referred the help at Servlet-Container Authentication | Advanced Topics | Flow | Vaadin Docs.

Added a simple sysout statement in the doFilter method.

However for some reason I do not see the Filter being invoked.
Any idea what am I missing here? Is there any more configuration that need to be specified?

Thanks,
Denish

marcoc_753 · June 21, 2024, 6:06am

Can you please share the code and some information about your application?
Is it a plain Java application or are you using perhaps Spring Boot with Spring Security?
There might be another filter that runs before yours and blocks the request (e.g. a security filter)

denishpatel1981 · June 21, 2024, 6:30am

Thank you for your response Marco.
I have created a Spring (Web) Application, but not using Spring Boot with Spring Security.

I just want to add login before the user is able to access any page.
I used the same code from the link I shared in the post.

I also added the following 2 annotations based on one of the queries I saw on SO:

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)

marcoc_753 · June 21, 2024, 6:46am

Looking at the linked docs, my understanding is that you are defining a Filter mapped to /connect URL, and then you are doing a post to /connect/login to authenticate the user.
But you also said I just want to add login before the user is able to access any page, so I suppose you are also doing a redirect to the login page for unauthenticated users.

Can you please share your code, so we can get a better understanding of the actual solution and try to provide some help?

BTW, it seems to me that the WebFilter URL pattern might be incorrect in the docs; I expect it to be /connect/* to be able to cover also /connect/login

denishpatel1981 · June 21, 2024, 6:57am

Below is the code for the CustomWebFilter:

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
@WebFilter(“/connect”)
public class CustomWebFilter implements Filter {

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
  System.out.println("In CustomWebFilter");
    //chain.doFilter(new CustomHttpServletRequest((HttpServletRequest) request), response);
    chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException { }

@Override
public void destroy() { }
}

I have defined the filter using the mapping based on the link.
Eventually yes, I do want the user to be redirected to the login page for unauthenticated users.

I am not trying access the Filter directly. Currently, I am only looking to check if the Filter is invoked when I make a request or not. This I verify if the “In CustomWebFilter” is printed. But I do not see it.

marcoc_753 · June 21, 2024, 7:14am

So, if you in the browser do a direct call 'http://localhost:port/context-path/connect`, the filter is not invoked?

denishpatel1981 · June 21, 2024, 9:57am

Correct. Though I am not making a call to connect. I am making a call to one of the Views / Pages. eg. http://localhost:port/award-details. And the filter is not invoked

marcoc_753 · June 21, 2024, 11:13am

This probably explains because the filter is not invoked.
Your filter is mapped to be executed only on the /connect path.
If you want to execute if for every request, you should set the URL mapping to /*,
e.g. @WebFilter("/*")

denishpatel1981 · June 21, 2024, 12:09pm

No it is still not working as expected. I set the URL Mapping to /* and even removed it.

marcoc_753 · June 21, 2024, 12:22pm

That’s weird. Could you share your project?

marcoc_753 · June 21, 2024, 12:36pm

I just tested the following filter in a WAR deployed on tomcat and it works as expected

@WebFilter("/*")
public class MyFilter implements Filter {

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        System.out.println("============ Hello");
        chain.doFilter(request, response);
    }
}

Are you perhaps using some embedded servlet container that disables discovery of annotated components?

denishpatel1981 · June 21, 2024, 12:41pm

Ok, one difference is that I have been running the project as a Spring Boot Application. i.e. Running Application.java and Not deployed on a web server.

Could that be an issue?
Will share the code shortly.

marcoc_753 · June 21, 2024, 1:21pm

Ok, now I got it. I’m sorry, but I misunderstood your initial statement

I read it as you were not using Spring Boot at all.

With Spring Boot, you can expose aFilterRegistrationBean for your filter and map it to /*

    @Bean
    FilterRegistrationBean<MyFilter> myFilterRegistrationBean() {
        FilterRegistrationBean<MyFilter> bean = new FilterRegistrationBean<>(new MyFilter());
        bean.setUrlPatterns(List.of("/*"));
        bean.setAsyncSupported(true);
        return bean;
    }

denishpatel1981 · June 21, 2024, 1:54pm

Deployed it on Tomcat. Am able to see the statements.
Thank you for your help, Marco.