You want requests for a servlet or JSP to pass through more than one filter.
Map each filter to the servlet or JSP using filter-mapping elements in the deployment descriptor. The filters are applied to the servlet in the order they appear in the deployment descriptor.
Your web application may define several different filters with a specific purpose. For instance, one filter might log messages, while another filter authenticates users. It is straightforward to create a filter chain that applies each filter in a specified order to a servlet. You use the filter-mapping element to map each filter to the target servlet (or JSP). The web container then applies the filters to the target in the order that the filter-mapping elements are defined in the deployment descriptor.
Example 19-4 configures two filters: AuthenFilter and LogFilter . The filter-mapping elements for these filters then map the servlet name requestheaders to each of these filters. The order of the filter-mapping elements in Example 19-4 specifies that the authentication filter ( AuthenFilter ) must be applied to the servlet named requestheaders first, followed by the LogFilter .
To map a filter to a servlet name, the servlet has to be registered in web.xml . Example 19-4 registers the requestheaders servlet beneath the filter and filter-mapping elements.
Example 19-4. Mapping more than one filter to a servlet
<!-- top of web.xml deployment descriptor --> <filter> <filter-name>AuthenFilter</filter-name> <filter-class>com.jspservletcookbook.AuthenticateFilter</filter-class> </filter> <filter> <filter-name>LogFilter</filter-name> <filter-class>com.jspservletcookbook.LogFilter</filter-class> </filter> <filter-mapping> <filter-name>AuthenFilter</filter-name> <servlet-name>requestheaders</servlet-name> </filter-mapping> <filter-mapping> <filter-name>LogFilter</filter-name> <servlet-name>requestheaders</servlet-name> </filter-mapping> <!-- servlet definitions --> <servlet> <servlet-name>requestheaders</servlet-name> <servlet-class>com.jspservletcookbook.RequestHeaderView</servlet-class> </servlet> <!-- servlet-mapping section of web.xml --> <servlet-mapping> <servlet-name>requestheaders</servlet-name> <url-pattern>/requestheaders</url-pattern> </servlet-mapping> <!-- rest of deployment descriptor -->
When a user requests the requestheaders servlet using the servlet path /requestheaders , as specified in the servlet-mapping element, the request passes through the AuthenFilter and LogFilter before it reaches its servlet destination.
Recipe 7.9 on using a filter to read request parameter values; Recipe 11.11 on using a filter to monitor session attributes; Recipe 18.3 on using a filter to alter then forward the request; Recipe 19.4 on changing the order filters are applied to a servlet; Recipe 19.5 on configuring filter init parameters; Recipe 19.6 on blocking requests; Recipe 19.7 on filtering the HttpServletResponse ; Recipe 19.8 on using filters with RequestDispatchers ; Recipe 19.9 on using filters to check request parameters; Recipe 19.10 on using filters to disallow requests from certain IP addresses.