This filter is used to protect accesses to any Web application.
DomainFilter reads the context parameters BizPassLoginURL, which specifies the link to the common Login page (BPM Sign-on API Login page), and domainLogoutURL (the URL to request a logout action from the domain).
It first checks whether the current session is valid or not by invoking the isSessionValid() method, which verifies the presence of domain-specific beans in the HTTP session.
If the session is considered valid, then the requested page is displayed.
Finally, in case everything else fails, the user is redirected to BPM Sign-on API Login page, along with the originally requested URL (the http parameter in domainTargetURL) and the URL to request a logout from the domain (the http parameter in domainLogoutURL).
DomainFilter reads the context parameters BizPassLoginURL, which specifies the link to the common Login page (BPM Sign-on API Login page), and domainLogoutURL (the URL to request a logout action from the domain).