Popular Posts

Thursday, October 20, 2011

Difference between Servlet Filter and Interceptor for Spring, Struts2 in Java

What is difference between Filter, Interceptor & Listener - when to use one, in which scenario ..

filter dynamically intercepts requests and responses to transform or use the information contained in the requests or responses. Filters typically do not themselves create responses, but instead provide universal functions that can be "attached" to any type of servlet or JSP page.

The filter API is defined by the FilterFilterChain, and FilterConfig interfaces in the javax.servlet package. You define a filter by implementing the Filter interface. A filter chain, passed to a filter by the container, provides a mechanism for invoking a series of filters. A filter config contains initialization data.
The most important method in the Filter interface is the doFilter method, which is the heart of the filter.
Filters can perform many different types of functions. We'll discuss examples of the italicized items in this paper:
  • Authentication-Blocking requests based on user identity.
  • Logging and auditing-Tracking users of a web application.
  • Image conversion-Scaling maps, and so on.
  • Data compression-Making downloads smaller.
  • Localization-Targeting the request and response to a particular locale.
Interceptors are used in conjunction with Java EE managed classes to allow developers to invoke interceptor methods in conjunction with method invocations or lifecycle events on an associated target class. Common uses of interceptors are logging, auditing, or profiling.

Interceptors can be defined within a target class as an interceptor method, or in an associated class called an interceptor class. Interceptor classes contain methods that are invoked in conjunction with the methods or lifecycle events of the target class.
Introduced in JavaEE 5(relatively new concept), Interceptors are used/implemented in Struts 2 & Spring.

HandlerInterceptor is basically similar to a Servlet 2.3 Filter, but in contrast to the latter it just allows custom pre-processing with the option of prohibiting the execution of the handler itself, and custom post-processing. Filters are more powerful, for example they allow for exchanging the request and response objects that are handed down the chain. Note that a filter gets configured in web.xml, a HandlerInterceptor in the application context.
As a basic guideline, fine-grained handler-related preprocessing tasks are candidates for HandlerInterceptor implementations, especially factored-out common handler code and authorization checks. On the other hand, a Filter is well-suited for request content and view content handling, like multipart forms and GZIP compression. This typically shows when one needs to map the filter to certain content types (e.g. images), or to all requests.
A Servlet Filter is used in the web layer only, you can't use it outside of a
web context. Interceptors can be used anywhere. That's the main difference.

A.k.a. for authentication of web pages you would use a servlet filter. For
security stuff in your business layer or logging/bugtracing (a.k.a.
independent of the web layer) you would use an Interceptor.

Servlet Listener is used for listening to events in a web containers, such as when you create a session, or place an attribute in an session or if you passivate and activate in another container, to subscribe to these events you can configure listener in web.xml, for example HttpSessionListener.

struts2 Filter vs Interceptor

Spring's HandlerInterceptor