When you do this :
((HttpServletResponse) response).sendRedirect("ExpenseManagementLogin.html");
you're sending the user right to the "ExpenseManagementLogin.html" page which is filtered with ExpenseAuthenticationFilter
.
Here is your infinite loop.
As long as the user doesn't have a session it will loop. And as the filter is looping right to itself there won't be any session.
Same thing with your second filter. If a filter does a sendRedirect
to a path that need to be filtered by itself. Unless you have some controls (here a session creation), you'll have an infinite loop.
As this filter only works on "ExpenseManagementLogin.html", why do you do this redirection ?
Colin Hebert
2010-09-25 07:16:40