Your filter is redirecting to an URL which is invoking the very same filter with the very same conditions again which in turn thus results in a new redirect, etcetera. Your filter is basically redirecting to itself in an infinite loop. The webbrowser is blocking the infinite loop after ~20 requests to save the enduser from badly designed webapplications.
You need to fix your filter accordingly that it is not performing a redirect when it has already been performed. Let's assume a basic real world example of a login filter which is mapped on /* which should be redirecting to the login page when the user is not logged in which is identified by user attribute in session. You obviously want that the filter should not redirect to the login page if the login page itself is currently been requested.
@WebFilter("/*")
public class LoginFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession(false);
String loginURL = request.getContextPath() + "/login.jsp";
boolean loggedIn = session != null && session.getAttribute("user") != null;
boolean loginRequest = request.getRequestURI().equals(loginURL);
if (loggedIn || loginRequest) {
chain.doFilter(request, response); // Logged-in user found or already in login page, so just continue request.
} else {
response.sendRedirect(loginURL); // No logged-in user found and not already in login page, so redirect to login page.
}
}
// ...
}
You see, if you want to allow/continue a request, just call chain.doFilter() instead of response.sendRedirect(). Use redirect only if you want to change a request to a different destination.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
