This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.
No announcement yet.
Function of filter Attribute in httpPage Title Module
"The filter list for the path. Currently can be set to 'none' to remove a path from having any filters applied. The full filter stack (consisting of all defined filters, will be applied to any other paths)."
Right. 'none' is very handy if you send, say, /* to the springSecurityFilterChain from the web.xml but don't want certain subcategories of URLs to be processed. For instance, I am working on a corporate "template" project where actual projects may or may not use J2EE security. In the case the project does use J2EE security, I want various offline configurations to map to the non-j2ee versions for convenience. So the non-j2ee configuration doesn't have any filters="none" entries but the J2EE version has an <intercept:url pattern="/j_security_check" filters="none"> attribute (because I want the container to process the authentication in this case).
You can do it either way, or both. It just depends on what you are trying to do. Standard URL syntax for the web.xml is a bit less flexible than Apache Ant-style syntax, so I generally prefer to exclude from the springSecurityFilterChain. Also I don't know of any way to specify a url-mapping in a web.xml as an "exclude" URL.