WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Configuring servlet filters

IBM Rational Application Developer or an assembly tool can configure the servlet filters. Two steps are involved in configuring a servlet filter.

Procedure

  1. Name the servlet filter and assign the corresponding implementation class to the servlet filter.

    Optionally, assign initialization parameters that get passed to the init method of the servlet filter.

    After configuring the servlet filter, the web.xml application deployment descriptor contains a servlet filter configuration similar to the following example:
    <filter id="Filter_1">
    			<filter-name>LoginFilter</filter-name>
    			<filter-class>LoginFilter</filter-class>
    			<description>Performs pre-login and post-login 
            operation</description>
    			<init-param>// optional
    					<param-name>ParameterName</param-name>
    					<param-value>ParameterValue</param-value>
    			</init-param>
    </filter>
  2. Map the servlet filter to a URL or a servlet.

    After mapping the servlet filter to a URL or a servlet, theweb.xml application deployment descriptor contains servlet mapping similar to the following example:

    <filter-mapping>
    			<filter-name>LoginFilter</filter-name>
    			<url-pattern>/j_security_check</url-pattern> 
                   // can be servlet <servlet>servletName</servlet>
    </filter-mapping>
    

Example

You can use servlet filters to replace the CustomLoginServlet servlet, and to perform additional authentication, auditing, and logging.

The WebSphere Application Server Samples Gallery provides a form login sample that demonstrates how to use the WebSphere Application Server login facilities to implement and configure form login procedures. The sample integrates the following technologies to demonstrate the WebSphere Application Server and Java 2 Platform, Enterprise Edition (J2EE) login functionality:
  • J2EE form-based login
  • J2EE servlet filter with login
  • IBM extension: form-based login
The form login sample is part of the Technology Samples package. For more information on how to access the form login sample, see Accessing the Samples (Samples Gallery) .



Related concepts
Accessing the Samples (Samples Gallery)
Related tasks
Migrating from the CustomLoginServlet class to servlet filters
Developing servlet filters for form login processing
Securing Web applications using an assembly tool
Related reference
Example: Using servlet filters to perform pre-login and post-login processing during form login
Task topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_configservlet.html

© Copyright IBM Corporation 2005, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)