23

I wrote a filter that needs to be invoked every time a url on my site is accessed EXCEPT the CSS, JS, and IMAGE files. So in my definition I'd like to have something like:

<filter-mapping>
   <filter-name>myAuthorizationFilter</filter-name>
   <url-pattern>NOT /css && NOT /js && NOT /images</url-pattern>
</filter-mapping>

Is there anyway to do this? The only documentation I can find has only /*

UPDATE:

I ended up using something similar to an answer provided by Mr.J4mes:

   private static Pattern excludeUrls = Pattern.compile("^.*/(css|js|images)/.*$", Pattern.CASE_INSENSITIVE);
   private boolean isWorthyRequest(HttpServletRequest request) {
       String url = request.getRequestURI().toString();
       Matcher m = excludeUrls.matcher(url);

       return (!m.matches());
   }
kasdega
  • 18,396
  • 12
  • 45
  • 89
  • 1
    Possible duplicate of [Can I exclude some concrete urls from inside ?](http://stackoverflow.com/questions/3125296/can-i-exclude-some-concrete-urls-from-url-pattern-inside-filter-mapping) – AlikElzin-kilaka Aug 01 '16 at 14:57

4 Answers4

21

I think you can try this one:

@WebFilter(filterName = "myFilter", urlPatterns = {"*.xhtml"})
public class MyFilter implements Filter {

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
      String path = ((HttpServletRequest) request).getServletPath();

      if (excludeFromFilter(path)) chain.doFilter(request, response);
      else // do something
   }

   private boolean excludeFromFilter(String path) {
      if (path.startsWith("/javax.faces.resource")) return true; // add more page to exclude here
      else return false;
   }
}
Mr.J4mes
  • 9,168
  • 9
  • 48
  • 90
  • where is @WebFilter from? I'm currently using spring-mvc and I'm defining my filter using @Service(value="myAuthorizationFilter") – kasdega Dec 28 '11 at 17:30
  • I think this one is a normal JavaEE annotation. Check out [here](http://docs.oracle.com/javaee/6/api/javax/servlet/annotation/WebFilter.html) – Mr.J4mes Dec 28 '11 at 17:34
  • I ended up doing something very similar to this but I used regex's with Pattern and Matcher. Like this: `private static Pattern excludeUrls = Pattern.compile("^.*/(css|js|images|ckeditor)/.*$", Pattern.CASE_INSENSITIVE);` – kasdega Dec 29 '11 at 15:15
  • 1
    :P Then you should update your question with how you succeeded to do so and you can mark this one as an answer too =P. – Mr.J4mes Dec 29 '11 at 15:19
6

The URL pattern mapping does not support exclusions. This is a limitation of the Servlet specification. You can try the manual workaround posted by Mr.J4mes.

Perception
  • 79,279
  • 19
  • 185
  • 195
1

Probably you could declare another "blank" filter for css, js etc, and put it before others filter mapping.

IProblemFactory
  • 9,551
  • 8
  • 50
  • 66
0

I used the security-constraint to access control. See the code:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Unsecured resources</web-resource-name>
        <url-pattern>/resources/*</url-pattern>
        <url-pattern>/javax.faces.resource/*</url-pattern>
    </web-resource-collection>
</security-constraint>

I follow this tutorial.

Wendel
  • 2,809
  • 29
  • 28