package filters; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebFilter("/protected/*") public class AuthorisationFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { // noop } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; Boolean signedIn = (Boolean) req.getSession().getAttribute("signedIn"); String ctx = req.getContextPath(); if(signedIn != null && signedIn) { chain.doFilter(request, response); } else { HttpServletResponse rsp = (HttpServletResponse) response; req.getSession().setAttribute("authSuccess", Boolean.FALSE); rsp.sendRedirect(ctx + "/sign-in.jsp"); } } @Override public void destroy() { // noop } }