I want to use Servlet Filter to do authentication, but I fail to implement it correctly. Filter is dispatched for every request to the application, except the login page itself. If the user is not authenticated, he is redirected to login form using
HttpServletResponse.sendRedirect()
instead of normal processing.
The problem is with session expiration. After this happens, normally “Session expired” warning is displayed. Now, “Communication problem” with Syntax error message and the contents of the login form below. The server response is apparently interpreted as JSON.
My problem is how to correctly implement forward to login. Currently, I return HTTP 403 Forbidden, which, at least, does not show strange syntax errors. Has anyone implemented this?