Additional servlet filters

Custom servlet filters are not supported in IDM 8.0. The only servletfilter-* configurations you can continue to use are CrossOriginFilter and LargePayloadServletFilter. Learn more in Discontinued functionality.

You can register and customize only the org.eclipse.jetty.ee10.servlets.CrossOriginFilter and org.forgerock.openidm.jetty.LargePayloadServletFilter servlet filters. These filters are available to protect against cross-site request forgery and overly large request payloads.

A sample servlet filter configuration is provided in the /path/to/openidm/conf/servletfilter-cors.json file:

{
    "initParams" : {
       "allowedOrigins" : "https://localhost:&{openidm.port.https}",
       "allowedMethods" : "GET,POST,PUT,DELETE,PATCH",
       "allowedHeaders" : "accept,x-openidm-password,x-openidm-nosession,
                           x-openidm-username,content-type,origin,
                           x-requested-with",
       "allowCredentials" : true,
       "chainPreflight" : false
    },
    "urlPatterns" : [
       "/*"
    ],
    "filterClass" : "org.eclipse.jetty.servlets.CrossOriginFilter"
}

The sample configuration includes the following properties:

filterClass: The servlet filter that is being registered.

The following additional properties can be configured for the filter:

httpContextId: The HTTP context in which the filter should be registered. The default is "openidm".
servletNames: A list of servlet names where the filter should apply. The default is "OpenIDM REST".
urlPatterns: A list of URL patterns where the filter applies. The default is ["/*"].
initParams: Filter configuration initialization parameters that are passed to the servlet filter init method. Learn more in Interface FilterConfig.

PingIDM 8.0.0

Additional servlet filters