Creating loginfilter for WebSphere Portal

The portal authentication filters are a set of plug-in points. You can use them to intercept or extend the portal login, logout, session timeout, and request processing by custom code, for example to redirect users to a specific URL.

The New Security API in WebSphere Portal talks about various ways to extend the login process. I wanted to play with the LoginFilters so i followed simple steps to build this solution

First i did create SampleExplicityLoginFilter java class like this

public class SampleExplicitLoginFilter implements ExplicitLoginFilter{

public void login(HttpServletRequest request, HttpServletResponse response,
String userId, char[] password, FilterChainContext portalLoginContext, Subject subject,
String realm, ExplicitLoginFilterChain chain) throws LoginException,
WSSecurityException, PasswordInvalidException,
UserIDInvalidException, AuthenticationFailedException,
AuthenticationException, SystemLoginException, {
System.out.println("Entering SamplExplicitLoginFilter.login()");

System.out.println("User Id " + userId);
System.out.println("Password " + String.valueOf(password));
System.out.println("Realm" + realm);

chain.login(request, response, userId, password, portalLoginContext, subject, realm);
System.out.println("Exiting SamplExplicitLoginFilter.login()");
public void destroy() {
public void init(SecurityFilterConfig arg0)
throws SecurityFilterInitException {


This class only reads the userId and password and prints it in the System.out and lets control go to next step.

Similarly i did create a Sample Filter for each of the other interfaces and you can download the sample application from here

Then i built that project and copied it into the PortalServer/shared/app directory. I went to WAS Admin Console and configured all my sample login filters like this.

After that i had to restart my server but after restart when i tried login into portal i could see that i was able to get control in the LoginFilter and write userId and password used by user while login in to System.out like this

[12/17/09 10:52:51:198 PST] 0000002e SystemOut O Entering SamplExplicitLoginFilter.login()
[12/17/09 10:52:51:198 PST] 0000002e SystemOut O User Id wasadmin
[12/17/09 10:52:51:198 PST] 0000002e SystemOut O Password password
[12/17/09 10:52:51:198 PST] 0000002e SystemOut O Realmnull
[12/17/09 10:52:51:245 PST] 0000002e SystemOut O Exiting SamplExplicitLoginFilter.login()


Anonymous said...

Good stuff. Thanks!!

A follow up. How do I redirect to a different page in WPS?

To keep it simple, let's say I want the login filter to send people to a specific WPS WCM page every Friday?

if it's Friday
go to /wps/portal/Friday
go to your regular start page

Thanks again. Great blog!

Login filter said...

Nicely covered all the details

Anonymous said...

Can you also guide us like how to access any property file like( for reading DB details) in login Filter