A filter on an url-pattern of "/" is not invoked when requesting the context root URL like http://localhost:8080/contextname/. This is regardless where the url-pattern is definied. In web.xml as <url-pattern>/</url-pattern> or in filter class as @WebFilter(urlPatterns={"/"}) This works fine on Tomcat 6.x and Glassfish v3.0.1.
/* same as TC 6 up until checkUnusualURLPattern */ /** * Validate the syntax of a proposed <code><url-pattern></code> * for conformance with specification requirements. * * @param urlPattern URL pattern to be validated */ private boolean validateURLPattern(String urlPattern) { if (urlPattern == null) return (false); if (urlPattern.indexOf('\n') >= 0 || urlPattern.indexOf('\r') >= 0) { return (false); } if (urlPattern.startsWith("*.")) { if (urlPattern.indexOf('/') < 0) { checkUnusualURLPattern(urlPattern); return (true); } else return (false); } if ( (urlPattern.startsWith("/")) && (urlPattern.indexOf("*.") < 0)) { checkUnusualURLPattern(urlPattern); return (true); } else return (false); } /** * Check for unusual but valid <code><url-pattern></code>s. * See Bugzilla 34805, 43079 & 43080 */ private void checkUnusualURLPattern(String urlPattern) { if (log.isInfoEnabled()) { if(urlPattern.endsWith("*") && (urlPattern.length() < 2 || urlPattern.charAt(urlPattern.length()-2) != '/')) { log.info("Suspicious url pattern: \"" + urlPattern + "\"" + " in context [" + getName() + "] - see" + " section SRV.11.2 of the Servlet specification" ); } } } /*TESTCASE: if the url-pattern is / then urlPattern.length() =1 and the urlPattern.charAt(urlPattern.length()-2) is urlPattern.charAt(-1) would throw NPE fix would be to have checkUnusualURLPattern throw NPE as here */ private boolean validateURLPattern(String urlPattern) { if (urlPattern == null) return (false); if (urlPattern.indexOf('\n') >= 0 || urlPattern.indexOf('\r') >= 0) { return (false); } if (urlPattern.startsWith("*.")) { if (urlPattern.indexOf('/') < 0) { checkUnusualURLPattern(urlPattern); return (true); } else return (false); } if ( (urlPattern.startsWith("/")) && (urlPattern.indexOf("*.") < 0)) { try { checkUnusualURLPattern(urlPattern); } catch(NullPointerException npe) { System.err.println("checkUnusualURLPattern has thrown NPE for urlPattern="+urlPattern+" message="+npe.getMessage()); } return (true); } else return (false); } /*change checkUnusualURLPattern method to throw NPE */ private void checkUnusualURLPattern(String urlPattern) throws NullPointerException { if (log.isInfoEnabled()) { try { if(urlPattern.endsWith("*") && (urlPattern.length() < 2 || urlPattern.charAt(urlPattern.length()-2) != '/')) { log.info("Suspicious url pattern: \"" + urlPattern + "\"" + " in context [" + getName() + "] - see" + " section SRV.11.2 of the Servlet specification" ); } } catch(NullPointerException npe) { //re throw NPE throw NullPointerException(npe.getMessage()); } }
Okay what I'm seeing with a simple application with an index.jsp and a filter. In o.a.c.c.ApplicationFilterFactory#createFilterChain, requestPath is being set to request.getAttribute(DISPATCHER_REQUEST_PATH_ATTR); It is this attribute that is matched against the filter; Which is "/index.jsp" (in my case) rather than the URI requested by the browser. Now I'm not sure if this is correct behaviour or not. I'd need to confirm with the specs but it sounds wrong. My test application run against tc6.0.18 didn't match the root node either however. I haven't run that in debug to see if its the same reason.
Managed to speak to the spec lead and a couple of EG members about this. The intention (although only implied rather than explicitly stated) of the Servlet spec is that the welcome file mapping (if required) is applied before matching with any filter URL patterns. Hopefully the next maintenance release will have some clarifications in this area. I am therefore closing this as won't fix. If the spec had been clearer, I probably would have closed it as invalid.