spring spring-mvc authentication front-controller

Where should I put the login logic? DispatcherServlet or a Filter?

The following 2 things both implement the front controller pattern:

DispatcherServlet defined by Spring
Filter defined by servlet spec

I think login logic should be placed in the front controller. But which one should I use in a Spring MVC web application?

Solution

Instead of implementing that by your own, I strongly recommend to use Spring-Security.

BTW: The way Spring-Security hooks into the HTTP-Request handling process (the "entry"-point), is based on a Servlet filter (org.springframework.web.filter.DelegatingFilterProxy).

What is the difference between @SpringBootConfiguration vs @Configuration?
What is similar function of dd() from Laravel in Spring?
Spring + Prometheus + Grafana: Err reading Prometheus: Post "http://localhost:9090/api/v1/query": dial tcp 127.0.0.1:9090: connect: connection refused
Mapping jsp for a url in Spring 3 without using controller
Spring Documentation for server.ssl.key-store-type
IntelliJ Process finished with exit code 0 when spring-boot run
CustomExceptionMapper only for a specific API Rest with Jersey
Cannot find symbol (all the constructors, getters and setters) in spring boot
kafka async message producer: retry does not work
How to inject a Mapper from MapStruct into a @WebMockMVC Integration Test
How to configure OAuth2AuthorizedClientManager with an HTTP proxy?
How to save List of objects that have a common superclass in Spring JPA inside another entity
Execute method after Spring context initialized but before requests are accepted
No reply in wiretap
Are there any good alternatives to Apache Ignite as an In-Memory Data Grid used together with Spring as a distributed cache?
Which controller for Spring Boot MVC?
Spring cannot find bean xml configuration file when it does exist
@Qualifier not working with Xml based config in Spring 6.2
Upgrading to Spring Boot 3/ JDK 17/ Spring 6 - JAXB conflict issue IllegalAnnotationsException
Kinesis Stream is not found under AWS Account by Spring Kinesis binder
Import Java Config Bean in XML Config Spring 4.0.0.RELEASE
How to create a Spring Library and consumers can import all the beans automatically?
Spring Security OAuth2 - Add parameter to Authorization URL
@AfterReturning method not being triggered correctly in Spring webflux Application
Spring Security 6 .permitAll() not working
Why is my Spring @Autowired field null?
How to disable CSRF in Spring Boot 3 only for tests
SpringBoot @Valid on one field, based on the value of another field
Spring boot - method 'POST' is not supported (multipart/form-data)
Spring tool suite- SunCertPathBuilderException: unable to find valid certification path to requested target