Authentication filter and servlet for login
Preface: I gather you’re using homegrown login instead of container managed login. For all ways, see How to handle authentication/authorization with users in a database? The filter (the interceptor) shouldn’t check the validity of the username/password combo. That’s the responsibility of the servlet (the controller). The filter should merely check if the user is logged-in … Read more