Usages

This is a new feature in Joget DX 8.2.

A plugin that acts as a web filter, and intercepts the HTTP request, while doing some pre-processing & post-processing to the response.

Common use cases:

Interface Class

Its extends the javax.servlet.Filter and org.joget.plugin.base.ActivationAwarePlugin.
Exactly the same implementation as a Filter.
Execute based on the provided URL patterns.
URL Patterns follow the AntPathMatcher syntax, which is widely used in the Spring Framework.

public java.lang.String getName

Method returning the name of the filter.

public java.lang.String[] getUrlPatterns()

- - Method returning a URL patterns array to apply the filter.
  - The URL pattern using AntPathMatcher syntax.

public boolean isPositionAfterSecurityFilter()

A flag to make the filter execute after the security chain. If after that, you can get the logged-in user.

public int getOrder()

The order of plugin web filter execution.

public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)

The filter logic implementation.

public void afterRegister()

Auto calling PluginWebFilterUtil.registerFilter to register the filter when installed.

public void beforeUnregister()

Auto calling PluginWebFilterUtil.unregisterFilter to unregister the filter when uninstalling.

public boolean isPositionAfterSecurityFilter()

Default to return true.

public int getOrder()

Default to return 0.

Add a header to the response of /web/login.
Run before the security chain and order after SampleLoginFormEncryption, even if it registers before it.

Intercept /web/login request and auto-login as Admin when the saved URL is the assignment link. Then, it directs to the configured redirect URL or home.

Intercept the /web/login to inject a script to encrypt the login credentials before the body end tag.
Intercept /j_spring_security_check to decrypt the credentials before passing to the security chain.
Run before the security chain.