I want to make my webapp license protected. When any page/resource of webapp is requested, I want to first check for the license. If license is not found then I want to redirect to license upload page.
I have created a filter which maps to all the requests where I can check for license and redirect if necessary. The problem is that my webapp has security constraint of login authentication. see web.xml at the end for more information.
Because of the security constraint, all the requests are first intercepted by login authentication and then forwarded to my filter. However, I want to check for license before the login can happen.
Here is a related question I asked.
Java : Intercept all requests before they go to login authentication
Prioritizing filter over the security constraint seems to be impossible. So, I want to ask is there any other way I can approach this use case?
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<display-name>Tango</display-name>
<filter>
<filter-name>SalsaValidationFilter</filter-name>
<filter-class>net.semandex.salsa.validationFilters.SalsaValidationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SalsaValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
<!-- <servlet-name>SalsaValidationServlet</servlet-name> -->
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Login page images</web-resource-name>
<url-pattern>/images/salsadb-logo2.png</url-pattern>
<url-pattern>/images/salsa-icon.png</url-pattern>
<url-pattern>/images/shadow_box.png</url-pattern>
<url-pattern>/images/header.png</url-pattern>
<url-pattern>/images/bg.png</url-pattern>
<url-pattern>/css/splash.css</url-pattern>
<url-pattern>/WEB-INF/licenseValidation.html</url-pattern>
<url-pattern>/auth/licenseValidation.html</url-pattern>
</web-resource-collection>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>The entire webapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>SalsaUser</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>SalsaUser</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/auth/login.jsp</form-login-page>
<form-error-page>/auth/loginError.jsp</form-error-page>
</form-login-config>
<realm-name>mongo_login</realm-name>
</login-config>
</web-app>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With