Second Servlet filter is not called on specific URL Pattern

Question

i'm using two filters but second filter is not applied,

Here is the code of InvokeServlet.do

request.getRequestDispatcher("/secured/securedResult.jsp").forward(request, response);

and web.xml code is:-

<servlet-mapping>
        <servlet-name>InvokeServlet</servlet-name>
        <url-pattern>/InvokeServlet.do</url-pattern>
    </servlet-mapping>

<filter>
        <filter-name>SecurityFilter</filter-name>
        <filter-class>filter.SecurityFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>SecurityFilter</filter-name>
        <url-pattern>*.do</url-pattern>
    </filter-mapping>
<filter>
        <filter-name>SecurityFilter2</filter-name>
        <filter-class>filter.SecurityFilter2</filter-class>
    </filter>
    <filter-mapping>            
        <filter-name>SecurityFilter2</filter-name>
        <url-pattern>/secured/*</url-pattern>
    </filter-mapping>

on address bar http://localhost:8080/OnlineBankingWS/InvokeServlet.do

but when i hit the url http://localhost:8080/OnlineBankingWS/secured/securedResult.jsp filter is called(some sysout statements are printed on the console).

SecurityFilter.java

package filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter implements Filter {

    public void destroy() {
        // TODO Auto-generated method stub

    }

    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {
        // TODO Auto-generated method stub

        HttpServletRequest request = (HttpServletRequest) arg0;
        HttpServletResponse response = (HttpServletResponse) arg1;
        HttpSession session = request.getSession();

        if (session.getAttribute("userSession") == null) {
            String msg = "oops! Your Session Has Been Expired";
            request.setAttribute("msg", msg);
            request.getRequestDispatcher("loginForm.jsp")
                    .forward(request, response);
        }
        arg2.doFilter(arg0, arg1);

    }

    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub

    }

}

SecurityFilter2.java

package filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter2 implements Filter {

    public void destroy() {
        // TODO Auto-generated method stub

    }

    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {
        // TODO Auto-generated method stub

        String pathInfo=request.getPathInfo();
        String contextPath=request.getContextPath();
        System.out.println(" pathINfo--> " + pathInfo + " contextPath--> " + contextPath );

        arg2.doFilter(arg0, arg1);

    }

    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub
            System.out.println("in init method of security filter 2");
    }

}

The above filter logic is not yet implemented though, the statements should be printed.

Answer 1

Try using

<filter-mapping>            
    <filter-name>SecurityFilter2</filter-name>
    <url-pattern>/secured/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>   

See
http://www.javaworld.com/javaworld/jw-01-2006/jw-0102-servlet.html?page=3