0

I am new in java. am try to use Servlet filters for session check.My code is given below. but i got error while run. please help to correct the error. the error code is

 HTTP Status 500 - Cannot forward after response has been committed
type Exception report

message Cannot forward after response has been committed

description The server encountered an internal error that prevented it from fulfilling this request.

And my code is

my web.xml

    <servlet>
            <servlet-name>login</servlet-name>
            <servlet-class>com.sample.wordnik.servlet.LoginServlet</servlet-class>
        </servlet>
        <welcome-file-list>
            <welcome-file>index.html</welcome-file>
        </welcome-file-list>
        <servlet-mapping>
        <servlet-name>login</servlet-name>
        <url-pattern>/login</url-pattern>
    </servlet-mapping>
<filter>
        <filter-name>SessionFilter</filter-name>
        <filter-class>
            com.sample.wordnik.filter.SessionFilter
        </filter-class>
        <init-param>
            <param-name>avoid-urls</param-name>
            <param-value>login.jsp,signup.jsp</param-value>

        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>SessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

my Filter class is

import java.io.IOException;
import java.util.ArrayList;
import java.util.StringTokenizer;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionFilter implements Filter {

    private ArrayList<String> urlList;

    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String url = request.getServletPath();
        boolean allowedRequest = false;

        if(urlList.contains(url)) {
            allowedRequest = true;
        }

        if (!allowedRequest) {
            HttpSession session = request.getSession(false);
            if (null == session) {
                response.sendRedirect("login");
            }
        }

        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig config) throws ServletException {
        String urls = config.getInitParameter("avoid-urls");
        StringTokenizer token = new StringTokenizer(urls, ",");

               urlList = new ArrayList<String>();


        while (token.hasMoreTokens()) {
            urlList.add(token.nextToken());

        }
    }
}

And My LoginServlet is

public class LoginServlet extends HttpServlet {

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);
}
}
Ajmal Muhammad
  • 685
  • 7
  • 25

1 Answers1

1

Problem is you had already redirected the user on login page for invalid session using response.sendRedirect("login"). However you had also tried to continue with request chain after redirect chain.doFilter(req, res).

Try using return keyword here:

if (null == session) {
    response.sendRedirect("login");
    return; // added
}