I want to make a general filter - for all requests and responses.

  1. Check for Origin and the presence of certain headers in requests.

    Apply a filter for all URLs:

    @WebFilter("/*") public class MyFilter implements Filter {}

    Found this method for creating a filter for all URLs of a web application. The mechanism of operation of such a method remained under question ..

    What exactly will happen?

    Any request that will come from my domain, will first go through this class with its checking for the presence of headers, and after a successful check, leave by its URI?

  2. Also I will be glad to any advice on creating a good filter for requests and answers, which will add to security!

  • one
    On the Internet you can find exactly what will happen in the pictures. I had to strain my imagination a little to understand how the filter chain worked. And yes. the request arrives, then it can leave, or it can stay and return, and someone else can do something interesting. And the answer will also pass through the same filter. - Sergey
  • What do you mean by "the request can and remain the same"? - Maks.Burkov
  • And the fact that you can block further processing, if something does not like. - Sergey
  • And ok, I know that. I thought maybe something else namudri)) - Maks.Burkov
  • one
    otndnld.oracle.co.jp/document/products/as10g/101300/B25221_03/… - Sergey

0