Welcome to the MacNN Forums.

Since EBCDIC · Apr 10, 2001, 04:26 AM

This is one of those "too close to the tree to see the forest" kind of questions. I want to provide a subclass of HttpServlet (which I'm calling HttpAuthServlet) which checks the state of things

HttpSession session = req.getSession( true ) ;
Object passed = session.getValue( "login.passed" ) ;
if ( passed == null ) { // send user to login page }

I have that working. What doesn't work is that I want this functionality to be automagical. When I subclass this class, say

public class Welcome extends HttpAuthServlet {

I want this testing to happen without having to explicitly call super.doGet(); a programmer who forgets or intentionally omits the super would circumvent the entire point of adding access control to the servlets.

How do I do this? Put it into the service() part of HttpAuthServlet? If so, do I have to do the dispatching to doGet and doPost myself?

What am I overlooking? Help gratefully appreciated.

------------------
Since EBCDIC
Make every post count!

scotty · Apr 10, 2001, 07:49 AM

Originally posted by Since EBCDIC:
How do I do this? Put it into the service() part of HttpAuthServlet? If so, do I have to do the dispatching to doGet and doPost myself?

What am I overlooking? Help gratefully appreciated.

Hi!

You should do this work in the service method of your HttpAuthClass. Something like this:

Code:
public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
        HttpSession session = req.getSession( true ) ;
        Object      passed  = session.getValue( "login.passed" ) ;
        if ( passed == null ) { 
               // do the redirect to the login page.
        }
        else {
               super.service(req, res);
        }
}

When you subclass, this check will be done automatically before doGet or doPost is called. Is this what you want?

Scotty

eyadams · Apr 10, 2001, 11:07 AM

Scotty has the right idea. All I would add is that you make your service() method final, so that all the servlets that extend it won't override it and loose the functionality you're trying to add.

Since EBCDIC · Apr 10, 2001, 11:39 PM

You guys rule. Thank you very much. I was waaaay to close to the problem to grok it all. Now I'm trying to fix^H^H^Hremove the duplicate functionality from the subclasses to see it all work.

Thanks again.

------------------
Since EBCDIC
Make every post count!

scotty · Apr 11, 2001, 03:57 AM

Originally posted by eyadams:
Scotty has the right idea. All I would add is that you make your service() method final, so that all the servlets that extend it won't override it and loose the functionality you're trying to add.

Good idea. Another thing that should be mentioned is that your Login and Validations servlets should not be subclasses of your HttpAuthServlet class (if they are, they will loop forever).