I am developing an j2ee based application .
Should I put the code to
1) Authenticating the user
2) Simple Session check whether the session is valid
3) Encripting and decripting the request and response
a) Servlets with some helper classes
another question i have is whether filter are thread safe?
if not why it does not need to be thread safe
Think of a filter as a guard. Only if certain preconditions pass will it allow execution to continue.
A typical example of a filter would be to ensure a user is logged on.
For any logic where it states "only happen if.." kinda implies a filter.
Usually servlet filters are used to check for something which is common across all the users of the web application. The servlet container instantiates only one instance of the filter and the same is used to serve all the clients. If you maintaine the state of a user in a servlet filter then it will cause prolems..