Java - Learn Java by Examples

How do I create a servlet filter using Filter and FilterChain?

By I Wayan Saryada in Servlet Last modified: April 21, 2025 0 Comment

Creating a servlet filter using the Filter interface and FilterChain is straightforward in Jakarta EE (or Java EE). A filter is used to perform filtering tasks like logging, authentication, authorization, etc., on requests or responses. Here’s how you can create a servlet filter step by step:

Steps to Create a Servlet Filter

Implement the Filter interface:
- The Filter interface provides three methods to override: init(), doFilter(), and destroy().
Configure the filter:
- Filters can be configured either programmatically (via annotations) or declaratively (via web.xml).

1. Code Example of a Filter Implementation

package org.kodejava.servlet;

import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.annotation.WebFilter;

import java.io.IOException;

// Use @WebFilter annotation to map the filter to a URL pattern
@WebFilter(urlPatterns = "/*") // This applies the filter to all URLs
public class MyServletFilter implements Filter {

   @Override
   public void init(FilterConfig filterConfig) throws ServletException {
      // Initialization logic (called once when the filter is first loaded)
      System.out.println("Initializing MyServletFilter...");
   }

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
           throws IOException, ServletException {
      // Logic before passing request to the next filter or servlet
      System.out.println("Request intercepted by MyServletFilter!");

      // Pass the request/response to the next filter or the target servlet
      chain.doFilter(request, response);

      // Logic after the request is processed by the servlet/next filter
      System.out.println("Response processed by MyServletFilter!");
   }

   @Override
   public void destroy() {
      // Cleanup logic (called once when the filter is taken out of service)
      System.out.println("Destroying MyServletFilter...");
   }
}

2. Explanation of Methods in the `Filter` Interface

init(FilterConfig filterConfig):
- Called once when the filter is initialized.
- Use this method for any one-time setup or resource allocation.
doFilter(ServletRequest request, ServletResponse response, FilterChain chain):
- The core method where the filtering logic is applied.
- You can manipulate the request before calling chain.doFilter() to pass it along the filter chain or the servlet.
- After chain.doFilter(), you can manipulate the response as needed.
destroy():
- This method is called once when the filter is being taken out of service (e.g., when the application is shutting down).
- Use this for cleaning up resources (closing connections, releasing memory, etc.).

3. Configure the Filter in `web.xml` (Optional)

Instead of using the @WebFilter annotation, you can configure your filter in the web.xml file.

<filter>
    <filter-name>MyServletFilter</filter-name>
    <filter-class>com.example.MyServletFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>MyServletFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

4. How Filters Work in the Chain

Filters in the chain are invoked in the order they are mapped.
The doFilter() method ensures proper chaining of requests/responses by calling chain.doFilter() to pass the request to the next filter or servlet.
If you skip chain.doFilter(), the request won’t proceed further.

Example Workflow

Before calling chain.doFilter():
- You can add custom logic, such as logging the request or checking for specific headers, parameters, or cookies.
After chain.doFilter():
- You can modify the response, such as adding HTTP headers, statistics, etc.

Request flow for the above filter:

A client sends a request.
The filter intercepts the request.
Pre-processing (before calling chain.doFilter()).
Request is passed to the servlet or next filter (via chain.doFilter()).
Post-processing (after chain.doFilter()).
The client receives the response.

This is how servlet filters can be implemented to intercept and process requests and responses in Jakarta EE.

Maven dependencies

<dependency>
    <groupId>jakarta.servlet</groupId>
    <artifactId>jakarta.servlet-api</artifactId>
    <version>6.1.0</version>
    <scope>provided</scope>
</dependency>

How do I use annotations to define Jakarta Servlet?

By I Wayan Saryada in Servlet Last modified: April 21, 2025 0 Comment

In Jakarta EE, you can define servlets using annotations instead of the traditional web.xml deployment descriptor. The most common annotation used for this purpose is @WebServlet. Here’s an overview of how to use annotations to define servlets:

1. Basic Syntax of the `@WebServlet` Annotation

The @WebServlet annotation is used to declare a servlet and map it to a URL pattern. It belongs to the jakarta.servlet.annotation package.

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet(name = "MyServlet", urlPatterns = {"/hello", "/greet"})
public class MyServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html");
        response.getWriter().println("<h1>Hello, World!</h1>");
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html");
        response.getWriter().println("<h1>Post Request Handled</h1>");
    }
}

2. Parameters of `@WebServlet`

The @WebServlet annotation has several attributes you can set:

name: Specifies the name of the servlet. This is optional.
urlPatterns (or value): An array of URL patterns to which the servlet will respond. The urlPatterns or value element is required.
loadOnStartup: Specifies the servlet’s load-on-startup priority. If set to a positive integer, the servlet will be loaded and initialized during deployment, not upon its first request.
asyncSupported: A boolean indicating whether the servlet supports asynchronous processing. Default is false.

Example with Additional Attributes

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebServlet(
        name = "ExampleServlet",
        urlPatterns = "/example",
        loadOnStartup = 1,
        asyncSupported = true
)
public class ExampleServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/plain");
        response.getWriter().println("Welcome to the Example Servlet!");
    }
}

3. How It Works

No web.xml Needed: When you use @WebServlet, there’s no need to register the servlet manually in web.xml. The application server automatically registers the servlet based on the annotation configuration.
URL Patterns: You define the URLs (using urlPatterns or value) to which the servlet will respond.

4. Multiple URL Patterns

You can map multiple URL patterns to the same servlet using an array:

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebServlet(urlPatterns = {"/path1", "/path2", "/path3"})
public class MultiPathServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/plain");
        response.getWriter().println("This servlet can handle multiple paths!");
    }
}

5. Use with Filters and Listeners

Annotations can also be used for filters (@WebFilter) and listeners (@WebListener). For example:

@WebFilter for filters
@WebListener for event listeners

Conclusion

Using annotations to define servlets makes your code more concise and simplifies configuration. It eliminates the need for verbose web.xml entries and is easier to maintain, particularly in modern Jakarta EE-based applications.

Maven dependencies

<dependency>
    <groupId>jakarta.servlet</groupId>
    <artifactId>jakarta.servlet-api</artifactId>
    <version>6.1.0</version>
    <scope>provided</scope>
</dependency>

How do I configure servlets in web.xml?

By I Wayan Saryada in Servlet Last modified: April 11, 2025 0 Comment

In a Jakarta EE (formerly Java EE) application, you can configure servlets in the web.xml deployment descriptor. The web.xml file is located in the WEB-INF directory of your project. Here’s how you can configure a servlet in web.xml step-by-step:

1. Declare the Servlet

You define the servlet by giving it a name and specifying its implementing class.

<servlet>
    <servlet-name>MyServlet</servlet-name>
    <servlet-class>org.kodejava.servlet.MyServlet</servlet-class>
</servlet>

2. Map the Servlet to a URL Pattern

After declaring the servlet, you specify the URL patterns (endpoints) it should handle.

<servlet-mapping>
    <servlet-name>MyServlet</servlet-name>
    <url-pattern>/myServlet</url-pattern>
</servlet-mapping>

The servlet-name in the <servlet-mapping> must match the one defined in the <servlet> section.

Complete Example

Below is a complete example of web.xml configuration for a servlet:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_6_0.xsd"
         version="6.0">

    <!-- Declare the servlet -->
    <servlet>
        <servlet-name>MyServlet</servlet-name>
        <servlet-class>org.kodejava.servlet.MyServlet</servlet-class>
    </servlet>

    <!-- Map the servlet to a URL pattern -->
    <servlet-mapping>
        <servlet-name>MyServlet</servlet-name>
        <url-pattern>/myServlet</url-pattern>
    </servlet-mapping>

</web-app>

Understanding the Tags

<servlet>: Declares the servlet, including its name and fully qualified class name.
<servlet-name>: A unique name for your servlet (used in <servlet-mapping> to link configuration).
<servlet-class>: The fully qualified class name of the servlet (e.g., org.kodejava.servlet.MyServlet).
<servlet-mapping>: Maps the declared servlet to specific URL patterns (e.g., /myServlet).
<url-pattern>: Specifies the URL or set of URLs that the servlet will handle.

Notes:

URL Patterns:
- /myServlet matches a specific path.
- /* matches all paths.
- /example/* matches all paths under /example.
Multiple Servlet Mappings: You can map the same servlet to multiple URL patterns by adding multiple <servlet-mapping> entries.
Override Annotations: If you use @WebServlet annotations in your servlet class, you generally won’t need to configure the servlet in web.xml. However, web.xml still allows more control over deployment and compatibility with older specifications.
Jakarta EE Web.xml Version:
The <web-app> version should match the Jakarta EE version you are using. For Jakarta EE 10, use version="6.0" as shown above.

How do I handle cookies using Jakarta Servlet API?

By I Wayan Saryada in Servlet Last modified: April 21, 2025 0 Comment

Handling cookies in the Jakarta Servlet API is simple and straightforward. Cookies are small bits of data sent from a server to a client and then sent back by the client in subsequent requests to the server. Below is how you can handle cookies using Jakarta Servlet API:

1. Creating and Adding a Cookie

To create a cookie, use the jakarta.servlet.http.Cookie class. You can add the cookie to the response using the HttpServletResponse object.

Example: Adding a Cookie

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebServlet("/addCookie")
public class AddCookieServlet extends HttpServlet {
   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response)
           throws ServletException, IOException {
      // Create a new cookie
      Cookie cookie = new Cookie("username", "john_doe");

      // Set cookie properties
      cookie.setMaxAge(24 * 60 * 60); // 1 day (in seconds)
      cookie.setHttpOnly(true);      // Makes it inaccessible to JavaScript
      cookie.setSecure(true);        // Send it only over HTTPS

      // Add the cookie to the response
      response.addCookie(cookie);

      response.getWriter().println("Cookie has been set!");
   }
}

2. Reading Cookies

To read cookies, use the HttpServletRequest object to retrieve all cookies with the getCookies() method, and then search for the desired cookie.

Example: Retrieving a Cookie

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebServlet("/readCookie")
public class ReadCookieServlet extends HttpServlet {
   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response)
           throws ServletException, IOException {
      Cookie[] cookies = request.getCookies();

      if (cookies != null) {
         for (Cookie cookie : cookies) {
            if ("username".equals(cookie.getName())) {
               response.getWriter().println("Found cookie: "
                                            + cookie.getName() + " = "
                                            + cookie.getValue());
               return;
            }
         }
      }

      response.getWriter().println("Cookie not found!");
   }
}

3. Deleting a Cookie

To delete a cookie, set its maximum age to 0 and add it back to the response. When the browser sees the cookie with a 0 age, it will remove it.

Example: Deleting a Cookie

package org.kodejava.servlet;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

public class DeleteCookieServlet extends HttpServlet {
   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response)
           throws ServletException, IOException {
      Cookie[] cookies = request.getCookies();

      if (cookies != null) {
         for (Cookie cookie : cookies) {
            if ("username".equals(cookie.getName())) {
               Cookie deleteCookie = new Cookie("username", "");
               deleteCookie.setMaxAge(0);  // Mark cookie for deletion
               response.addCookie(deleteCookie);
               response.getWriter().println("Cookie has been deleted!");
               return;
            }
         }
      }

      response.getWriter().println("Cookie not found!");
   }
}

Important Notes

Secure Cookies: Always mark cookies as secure (cookie.setSecure(true)) if you’re using HTTPS, to prevent transmission over unsecured connections.
HttpOnly Flag: Use cookie.setHttpOnly(true) to prevent cookies from being accessed via client-side scripts, enhancing security.
Path and Domain Settings: Cookies can be restricted to certain paths or domains to control their scope:
```
cookie.setPath("/secure");
cookie.setDomain(".example.com");
```
Cookie Expiration:
- cookie.setMaxAge(x): Sets the lifespan in seconds. x = 0 deletes the cookie, and x = -1 makes it a session cookie (deleted when the browser is closed).

Maven dependencies

<dependency>
    <groupId>jakarta.servlet</groupId>
    <artifactId>jakarta.servlet-api</artifactId>
    <version>6.1.0</version>
    <scope>provided</scope>
</dependency>

How do I set response headers with HttpServletResponse?

By I Wayan Saryada in Servlet Last modified: April 21, 2025 0 Comment

To set response headers using HttpServletResponse in a Java web application (e.g., within a servlet), you can use the setHeader or addHeader methods provided by the HttpServletResponse class. Here’s an overview of both methods and how to use them:

Methods for Setting Headers

setHeader(String name, String value)
- This method sets a response header with a given name and value.
- If the header already exists, it replaces the existing value with the new one.
addHeader(String name, String value)
- This method allows you to add multiple values for the same header name.
- If the header already exists, it adds the new value rather than replacing it.

Example Code

Below is an example of setting headers in a servlet:

package org.kodejava.servlet;

import java.io.IOException;

import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@WebServlet("/setHeaders")
public class HeaderServlet extends HttpServlet {

   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response)
           throws ServletException, IOException {

      // Set Content-Type Header
      response.setContentType("text/html");

      // Set a custom response header
      response.setHeader("Custom-Header", "CustomValue");

      // Add multiple custom values for the same header name
      response.addHeader("Custom-Multi-Value-Header", "Value1");
      response.addHeader("Custom-Multi-Value-Header", "Value2");

      // Set Cache-Control Header
      response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");

      // Set Expires Header
      response.setHeader("Expires", "0");

      // Write the response body
      response.getWriter().println("<h1>Response Headers Set</h1>");
   }
}

Important Notes

Setting Content-Type: Use setContentType(String type) to set the MIME type of the response body, like "text/html", "application/json", etc.
Overwriting Headers: Use setHeader if you want to ensure a header has only one value (overwriting any existing ones).
Adding Multiple Values: Use addHeader if the header allows multiple values (e.g., Set-Cookie).

Commonly Used Response Headers

Here are some commonly used headers for different scenarios:

Caching:

response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Expires", "0");
response.setHeader("Pragma", "no-cache");

Content-Type and Encoding:

response.setContentType("text/html");
response.setCharacterEncoding("UTF-8");

Custom Headers:

response.setHeader("X-App-Name", "MyWebApplication");

CORS (Cross-Origin Resource Sharing):

response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
response.setHeader("Access-Control-Allow-Headers", "Content-Type");

With this approach, you can control headers in your servlet responses effectively.

Maven dependencies

<dependency>
    <groupId>jakarta.servlet</groupId>
    <artifactId>jakarta.servlet-api</artifactId>
    <version>6.1.0</version>
    <scope>provided</scope>
</dependency>

Steps to Create a Servlet Filter

1. Code Example of a Filter Implementation

2. Explanation of Methods in the Filter Interface

3. Configure the Filter in web.xml (Optional)

4. How Filters Work in the Chain

Example Workflow

1. Basic Syntax of the @WebServlet Annotation

2. Parameters of @WebServlet

Example with Additional Attributes

3. How It Works

4. Multiple URL Patterns

5. Use with Filters and Listeners

Conclusion

1. Declare the Servlet

2. Map the Servlet to a URL Pattern

Complete Example

Understanding the Tags

Notes:

1. Creating and Adding a Cookie

Example: Adding a Cookie

2. Reading Cookies

Example: Retrieving a Cookie

3. Deleting a Cookie

Example: Deleting a Cookie

Important Notes

Methods for Setting Headers

Example Code

Important Notes

Commonly Used Response Headers

2. Explanation of Methods in the `Filter` Interface

3. Configure the Filter in `web.xml` (Optional)

1. Basic Syntax of the `@WebServlet` Annotation

2. Parameters of `@WebServlet`