On Oct 14, 2009, at 2:37 PM, Zoltan Arnold NAGY wrote:
> Paul Sandoz wrote:
>> That looks good. At line 42 it should be possible to add headers.
>> If you cannot it is a bug. Can you verify when the client performs
>> a POST request that the AuthFilter.close() is called?
> while trying to come up with a complete example, it started to
> work... so it must have been
> a fault in my main program. :)
>
Glad it works now :-)
> one more question: on the server side, the filter class is a
> singleton, I guess.
> so that means it's filter() method must be thread-safe, right?
>
Yes.
If there needs to be some share state between a request and response
filter then i recommend adding properties to the request.
It is also possible to implement the request and response filter in
one class thus only only instance will be instantiated. You can use a
thread local variable for such a case but this will break if the
response is served on a different thread to the request.
Paul.