3

I have a RESTful Spring application, which can process various request with various controllers and various @RequestMapping-s.

Now I wish each request contain additionally a user/password pair, user as user GET parameter ?user=username and password in password POST parameter.

Is it possible to "preprocess" all requests before they go to controllers and check credentials and possible return authentication error?

Is this a mechanism, which is caller "filters" or not?

Dims
  • 47,675
  • 117
  • 331
  • 600

1 Answers1

5

There are couple of ways for intercepting the requests before they land into controllers.

  1. Using Servlet Filters:
    @WebFilter(urlPatterns = "path-to-intercept", filterName = "your-filter-name")
    public class MyRequestFilter implements Filter {
        init(...);
        doFilter(...);
        destroy(); 
    }
  1. Using Spring HandlerIntecptors:
    public class MyRequestInterceptor extends HandlerInterceptorAdapter{

        preHandle(...); //called before the request lands to the controller.
        postHandle(...); //called after the controller method finishes execution.
        afterCompletion(...); //called before the response is sent.
    }

And in your configuration:

    <mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/yourInterceptingPath/" />
            <bean class="path-to-your-Interceptor.MyRequestInterceptor" />
        </mvc:interceptor>
    </mvc:interceptors>
walen
  • 7,103
  • 2
  • 37
  • 58
Rana_S
  • 1,520
  • 2
  • 23
  • 39