Hi, Thank you, I will test this later.
I'm using a threadlocal to open session/transaction, does that forwarded request happens in the same thread as the original request? Sergio ----- Mensagem original ----- De: "Christopher Schultz" <ch...@christopherschultz.net> Para: "Tomcat Users List" <users@tomcat.apache.org> Enviadas: Segunda-feira, 8 de Abril de 2013 18:19:11 Assunto: Re: Tomcat form auth not using filters -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Konstantin, On 4/8/13 4:58 PM, Konstantin Kolinko wrote: > 2013/4/9 Sergio Vieira Rolanski <ser...@strategos.com.br>: >> Thansk for the reply, >> >> Let me try to be clear on this matter: >> >> I try open the address "http://localhost:8084/MyApplication"; (or >> any other protected address/page) and I'm not logged in (I have >> never logged in or the session is expired) Tomcat should show me >> the login page (controleAcesso/Login.xhtml, that is "access >> control" in portuguese), but instead I get an error (the >> stacktrace is below) >> >> Now if I try to open >> "http://localhost:8084/MyApplication/controleAcesso/Login.xhtml"; >> directly, it works just fine and I can see the login page, do the >> login and navigate the application. >> >> I know hibernate and servlet session are different things, what I >> meant was that each request is intercepted by HibernateFilter >> (implements javax.servlet.Filter) so it opens a session and a >> transaction for that request. If you look the stacktrace, my >> HibernateFilter is not called at all. >> >> I made a request for lets say >> "http://localhost:8084/MyApplication/billing/BillingHistory.xhtml"; >> and I'm not logged in, tomcat should show me the login page, >> right? But it seems that to get the appropriate response for the >> request (the login page instead of the BillingHistory.xhtml) >> tomcat/servlet/whatever is taking another path and ignoring my >> servlet filters thus not opening the hibernate session and giving >> me exception instead of the login page. >> >> > > OK, I am understanding you problem now. > > The important part of your stacktrace: > > at > org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339) > > at org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:425) > at > org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) > > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544) > > That is how "forwardToLoginPage" is implemented. > > If you want a Filter to be called during > javax.servlet.RequestDispatcher.forward(), it has to be mapped > with > > <filter-mapping> <dispatcher>FORWARD</dispatcher> > </filter-mapping> I would warn the OP that blindly mapping the Filter to FORWARD dispatch might result in multiple connections/Hibernate-sessions being allocated for a single client request if the Filter is not written carefully. Be sure to check to make sure the Filter will work properly when involved multiple times for a single request. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRYzROAAoJEBzwKT+lPKRYxw8QAMvtHoUD75+uEFVD/dywjW4d HTVxwJ622S6dhAHJNISt4S1MeJT7JB8DOevJfKAP96ZNd1/jhJjFxxRcuA9/aIf7 ezfBjEpnQ/WmO2h3gWbm0fv4VcVsIif5MDEmVSesjLtot1qsGuJ3iA5OoVQWksr8 uJAoxU+l+Voqor2XSu/OH6y6IRq2CfriPsMphM7nOVAmLvbvKNHER1ov8D/6iWKq gTzR9BBJf+/U0X1czwwOMXShicZa41pp+N/Z9v++XL8XDQzMz37yapo8HwvMLeOe DLBTgrgOsjlJ5+M2e6+bZW9Ntn0xFJZXrW4rieQxRhGJLXNhxiZfLjyxe9eR1SDU uAUY3lGzqluulfu+I7854gE0FjofEXdFC7Lo0oiuUPft2QffjbheyAjkuvjxCK1o byRHx2efTVRlfM5RPCJ5qEh5o05Anjt/FEurywWB2DkvtdXYSCVv4IZh1l9SIf9J TZVQsHgXOl3/9d25X286XH7XDitPnFuzHOpLkhSWHuMgsoCfV0DAiIS45DJXN8ds 0gYYWnU6gpdaGr7MJ2o5fQFZS0JZHHplxi1e+N/VDcXH19Whds/BJaz2q4fPgaur 2s0goJPEc32ZxIJ7FiovHK9oj4FNtSa252Dz6ekNv1Y2fu4rj0P2V4rcPmTkKiA5 V3PIlHZJbYcoVVohC0Ty =WHt0 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
