Servlet filter runs in infinite redirect loop when user is not logged in

by

This AuthenticationFilter also runs when login.html is being requested. However, the code is redirecting to login.html once again instead of continuing the filter chain. This explains the infinite redirect loop.

You need to let the filter just continue the request if the currently requested page is already the login page itself.

E.g.

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    HttpSession session = req.getSession(false);
    String loginURL = req.getContextPath() + "/login.html";

    boolean loggedIn = session != null && session.getAttribute("user") != null;
    boolean loginRequest = loginURL.equals(req.getRequestURI());

    if (loggedIn || loginRequest) {
        chain.doFilter(request, response);
    } else {
        res.sendRedirect(loginURL);
    }
}

See also:

More Related Contents:

  1. Authentication filter and servlet for login
  2. How to define servlet filter order of execution using annotations in WAR
  3. How do delete a HTTP response header?
  4. Authenticating the username, password by using filters in Java (contacting with database)
  5. Difference between / and /* in servlet mapping url pattern
  6. How to save generated file temporarily in servlet based web application
  7. How to use a servlet filter in Java to change an incoming servlet request url?
  8. How do I get the remote address of a client in servlet?
  9. Servlet and path parameters like /xyz/{value}/test, how to map in web.xml?
  10. Http Servlet request lose params from POST body after read it once
  11. How to read and copy the HTTP servlet response output stream content for logging
  12. Change default homepage in root path to servlet with doGet
  13. Can I exclude some concrete urls from inside ?
  14. HTTP request parameters are not available by request.getAttribute()
  15. Servlet vs Filter
  16. How to find the working folder of a servlet based application in order to load resources
  17. How to read request.getInputStream() multiple times
  18. Value passed with request.setAttribute() is not available by request.getParameter()
  19. Adding an HTTP Header to the request in a servlet filter
  20. How to solve this java.lang.NoClassDefFoundError: org/apache/commons/io/output/DeferredFileOutputStream?
  21. How can I get a Spring bean in a servlet filter?
  22. Is there any easy way to preprocess and redirect GET requests?
  23. What is the use of filter and chain in servlet?
  24. Google Recaptcha v3 example demo
  25. Which compression (is GZIP the most popular) servlet filter would you suggest?
  26. Disable save button in Adobe PDF reader and hide menu bar in IE window
  27. How to use HttpServletRequest#getParts() in a servlet filter running on Tomcat?
  28. @WebServlet annotation doesn’t work with Tomcat 8
  29. Moving resources under WEB-INF
  30. Wildcard path for servlet?

Leave a Comment