Why Servlet filter causing error in working application

Question

In a working application, a Servlet filter has been placed. However this filter is causing errors in the existing application.

Currently for proof of concept purposes the filter only logs, no code has been implemented.

No exceptions are found. On the Tomcat access log the only clue is that resources are returning an 304

[18/Nov/2014:17:18:34 -0500] 10.93.161.0 (0ms) 52D40EF309A3EB46F1C5DE3FB1D063BD.application.1 GET /secure/application/application/sc/skins/Enterprise/images/Window/window_TL.png HTTP/1.1 : 304

As mentioned without the filter in place the application works fine.

When filter is in place, logs show that the filter is logging but the application will not work properly, it seems the filter is interfering somehow, which we don't want any interference, except of implemented code in the doFilter method.

Below is the filter declaration in the web.xml

    <filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>com.company.filter.SessionFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>SessionFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Below is the filter class

public class SessionFilter implements Filter{

    private  static final Log LOG = LogFactory.getLog(SessionFilter.class);

    @Override
    public void destroy() {
        LOG.info("SessionFilter destroyed.");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain arg2) throws IOException, ServletException {
        LOG.info("SessionFilter is filtering.");
        LOG.info("Test Session");
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        LOG.info("SessionFilter initialized.");
    }

}

Please let me know any ideas.

Thank you

Answer 1

You need to continue the filter chain. Add this to the end of the "doFilter" method.

...
// request filtered
arg2.doFilter(req, res);
// response filtered
...

Answer 2

In the doFilter() method of a Filter you have to chain or forward the request on the chain, else other filters will not be called and the request will not be forwarded to the Servlet .

Qutoing form the javadoc of Filter.doFilter() :

A typical implementation of this method would follow the following pattern:-

1. Examine the request
2. Optionally wrap the request object with a custom implementation to filter content or headers for input filtering
3. Optionally wrap the response object with a custom implementation to filter content or headers for output filtering
4. a) Either invoke the next entity in the chain using the FilterChain object (chain.doFilter()),
5. b) or not pass on the request/response pair to the next entity in the filter chain to block the request processing
6. Directly set headers on the response after invocation of the next entity in the filter chain.

Do it like this:

chain.doFilter(request, response);

The reason why the Filter system is implemented this way is because a Filter may decide to break the chain, eg because sending back error; or a Filter may wrap the request and/or the response and this wrapper must be lended onward to other filters and servlets.

If you don't call chail.doFilter() , that indicates to the Servlet container that you don't want to involve other filters and servlets in serving the request.