Using Stripes Interceptor to prevent access to other servlets

Question

I'm using Stripes 1.5 and I was using a interceptor (based on this example) to prevent unauthorized access to *.action pages.

Now I want to use the same interceptor to prevent access to a servlet.

I've added this this to web.xml (DisplayChart is the servlet I want to protect):

<filter-mapping>
    <filter-name>StripesFilter</filter-name>
    <servlet-name>DisplayChart</servlet-name>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

But it doesn't work, the interceptor intercept method doesn't execute when accesing the DisplayChart servlet path (even if I @Intercepts all the LifeCycleStage).

Is there a way to a interceptor to execute when another servlet is accesed? Or Stripes filters are not intended to be used that way (and I'll have to use a plain Filter)?

Answer 1

I don't know if you can apply a Stripes interceptor to a non-Stripes servlet.

But i am pretty sure you shouldn't.

The Stripes interceptors are specific to Stripes, and Stripes's request lifecycle. A request to a plain servlet is not a Stripes request, and does not go through this lifecycle, even if it goes through the Stripes filter. Such a request should not use a Stripes interceptor, even if this is possible.

I suggest you factor out the authorization code from your Stripes interceptor into a Stripes-agnostic service class, then write a standard filter which uses that class. Your Stripes interceptor and your filter are then very small bits of code which hand off to the service.

Answer 2

The Stripes filter can't be used like that, as the Stripes filter is actually the Stripes front controller that dispatches only to action beans and possible an Stripes interceptor before that.

So as you already assumed, you need a regular servlet filter.