DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
View Events Video Library
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Integrating PostgreSQL Databases with ANF: Join this workshop to learn how to create a PostgreSQL server using Instaclustr’s managed service

Mobile Database Essentials: Assess data needs, storage requirements, and more when leveraging databases for cloud and edge applications.

Monitoring and Observability for LLMs: Datadog and Google Cloud discuss how to achieve optimal AI model performance.

Automated Testing: The latest on architecture, TDD, and the benefits of AI and low-code tools.

Related

  • Java EE 6 Pet Catalog with GlassFish and MySQL
  • Getting Started With JMS-ActiveMQ: Explained in a Simple Way
  • Beans Custom Validation Constraints
  • How to Embed a jBPM Process in a Java EE Application

Trending

  • .NET Performance Optimization Techniques for Expert Developers
  • Log Analysis: How to Digest 15 Billion Logs Per Day and Keep Big Queries Within 1 Second
  • A Better Web3 Experience: Account Abstraction From Flow (Part 1)
  • Introduction to ESP32 for Beginners Using the Xedge32 Lua IDE
  1. DZone
  2. Coding
  3. Java
  4. Dynamically registering WebFilter with Java EE 6

Dynamically registering WebFilter with Java EE 6

Markus Eisele user avatar by
Markus Eisele
·
Jun. 16, 11 · Interview
Like (0)
Save
Tweet
Share
8.79K Views

Join the DZone community and get the full member experience.

Join For Free

Yeah. Security. I start loving this stuff. I have a nice little application running with Java EE 6. And if you are following my posts lately, you know, that it has little more security requirements than usual and therefore we definitely have some custom filter logic in place. The javax.servlet.Filter is a great place to start, if you are looking for a way to implement cross cutting concerns.


Filters perform filtering in the doFilter method. Every Filter has access to a FilterConfig object from which it can obtain its initialization parameters, and a reference to the ServletContext which it can use, for example, to load resources needed for filtering tasks.

Beside Logging and Auditing, compression and conversion this is also suitable for placing security related stuff.

Beginning with Java EE 6 the implementation is straight forward and easy.

Add a @WebFilter annotation to your implementation class and you are done:

@WebFilter(dispatcherTypes = {DispatcherType.REQUEST, DispatcherType.FORWARD}, urlPatterns = {"/something/*"})
public class SecurityFilter implements Filter {
...
}

Problem

But: What to do, if you are running different environments and you have some very heavy filter logic in place, which in fact depends on other infrastructure components placing header variables or other stuff into the request before processing? You have to disable them in development. Enable them in production or integration testing.

Building for different environments basically is not a big issue, but you end up commenting in and out the @WebFilter annotation. That ...cks.

Solution: Dynamically register your WebFilter

But hey, the Servlet 3.0 API is here. And you are able to register your components dynamically. A good place to register filters is a ServletContextListener. And you don't even have to forgo your beloved annotations. Let's start with the basics.

@WebListener
public class FilterStartupListener implements ServletContextListener {

@Override
public void contextInitialized(ServletContextEvent sce) {
ServletContext ctx =
sce.getServletContext();
...
}
}

Next is to find any way to figure out, if you are running in production mode or not. You could think about using a system property or even reading the projectStage

property from your JSF implementation. Whatever you chose, the magic happens here:
if (Util.isProduction()) {
// if we are running in production mode
// register with servletContext
FilterRegistration fr = ctx.addFilter("SecurityFilter", SecurityFilter.class);
fr.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD),
true, "/something/*");
}
}

That's it. It does all the magic for you and you no longer have to care about them. If the property of your choice changes, your filters get registered dynamically or not.

From http://blog.eisele.net/2011/06/dynamically-registering-webfilter-with.html

Java EE Java (programming language)

Opinions expressed by DZone contributors are their own.

Related

  • Java EE 6 Pet Catalog with GlassFish and MySQL
  • Getting Started With JMS-ActiveMQ: Explained in a Simple Way
  • Beans Custom Validation Constraints
  • How to Embed a jBPM Process in a Java EE Application

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: