Try OpenEdge Now
skip to main content
Customization Guide
Customizing Login pages using BPM Sign-on API : DomainFilter


This filter is used to protect accesses to any Web application.
*DomainFilter reads the context parameters BizPassLoginURL, which specifies the link to the common Login page (BPM Sign-on API Login page), and domainLogoutURL (the URL to request a logout action from the domain).
*It first checks whether the current session is valid or not by invoking the isSessionValid() method, which verifies the presence of domain-specific beans in the HTTP session.
*If the session is considered valid, then the requested page is displayed.
*Finally, in case everything else fails, the user is redirected to BPM Sign-on API Login page, along with the originally requested URL (the http parameter in domainTargetURL) and the URL to request a logout from the domain (the http parameter in domainLogoutURL).