Announcement Announcement Module
No announcement yet.
Access Custom Filter multiple times Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Access Custom Filter multiple times


    I'm a spring newbie and i'm implementing a custom filter that used to read/write session data to the database like so:

    public class MySessionManagementFilter extends GenericFilterBean {
        static final String FILTER_APPLIED = "__msmf_applied";
        protected final Log logger = LogFactory.getLog(this.getClass());
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
            if (request.getAttribute(FILTER_APPLIED) != null) {
                // ensure that filter is only applied once per request
                chain.doFilter(request, response);
            request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
            try {
      "read session from database");
                chain.doFilter(request, response);
            } finally {
      "writing session to database");
    Here is the configure for this filter:

    <beans:bean id="mySessionManagementFilter" class="com.mvc.filter.MySessionManagementFilter"/>
    <http use-expressions="true">
            <intercept-url pattern="/secure/**" access="isAuthenticated()" requires-channel="https"/>
            <intercept-url pattern="/login" access="isAnonymous()" requires-channel="https"/>
            <intercept-url pattern="/**" access="permitAll" />
            <form-login login-page="/login" default-target-url="/" authentication-failure-url="/login?login_error=true"/>
                <concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
            <custom-filter ref="mySessionManagementFilter" after="SESSION_MANAGEMENT_FILTER"/>
    I tried to do a request to run the filter and notice that the console show me that my filter has accessed 3 times:

    2010-03-04 12:00:16,128 INFO [com.mvc.filter.MySessionManagementFilter] - <read session from database>
    2010-03-04 12:00:16,393 INFO [com.mvc.filter.MySessionManagementFilter] - <writing session to database>
    2010-03-04 12:00:16,427 INFO [com.mvc.filter.MySessionManagementFilter] - <read session from database>
    2010-03-04 12:00:16,432 INFO [com.mvc.filter.MySessionManagementFilter] - <writing session to database>
    2010-03-04 12:00:16,438 INFO [com.mvc.filter.MySessionManagementFilter] - <read session from database>
    2010-03-04 12:00:16,439 INFO [com.mvc.filter.MySessionManagementFilter] - <writing session to database>
    The read/write operation should not be executed multiple times. I tried to apply the pattern from the spring security that add a flag FILTER_APPLIED to prevent the second apply but no sucess. I tried to debug SecurityContextPersistenceFilter and also notice that it has accessed 3 times and the flag are always null for each access. It look like the FILTER_APPLIED does not function as expected. So any idea to make the filter apply once?
    Last edited by burgleboy711; Mar 3rd, 2010, 11:34 PM.

  • #2
    Check the request log and make sure you aren't sending extra requests and enable debug logging so that you can see the logged requests. You should also use a suitable browser plugin to monitor the requests (e.g. firebug or tamperdata).