Uses of Interface
org.forgerock.http.Filter

Packages that use Filter

Package	Description
org.forgerock.http.filter	Core Filter implementations.
org.forgerock.http.filter.cors	Support for CORS.
org.forgerock.http.handler	Core Handler implementations.
org.forgerock.http.oauth2	This package provides APIs for OAuth 2.0 services implementations.
org.forgerock.http.routing	Provides routing functionality for HTTP requests.
org.forgerock.http.swagger	Classes to support OpenAPI API Descriptions using Swagger.
org.forgerock.json.resource	Classes and interfaces for core types including connections, request handlers, resources, and their exceptions.
org.forgerock.openig.assertion.plugin	Identity Assertion plugins.
org.forgerock.openig.assertion.plugin.kerberos	Kerberos Identity Assertion plugin.
org.forgerock.openig.decoration.helper	Contains an abstract decorator dedicated to Filter and Handler.
org.forgerock.openig.decoration.tracing	Contains decorators that can wrap filters and handlers with tracing contexts.
org.forgerock.openig.filter	Filters the requests and/or responses of HTTP.
org.forgerock.openig.filter.allow	Filters the HTTP request using a declarative configuration model based on a chain of predicates to validate.
org.forgerock.openig.filter.circuitbreaker	This package contains the components used to implement circuit breaking.
org.forgerock.openig.filter.finance	Support for financial APIs (Open Banking, PSD2, Berlin Group, ...).
org.forgerock.openig.filter.jwt	This package contains the components used to implement some JWT related filter.
org.forgerock.openig.filter.oauth2	This package contains the OAuth2 Token validation filter that acts as an OAuth 2 Resource Server.
org.forgerock.openig.filter.oauth2.client	OAuth 2.0 Client filter implementation.
org.forgerock.openig.filter.oauth2.client.authentication	Collection of heaplets supporting OAuth2 client authentication Filters.
org.forgerock.openig.filter.oauth2.cnf	JWT confirmation key support for access tokens.
org.forgerock.openig.filter.throttling	This package contains the components used to implement a throttling rate support.
org.forgerock.openig.handler	Handles HTTP requests by generating responses.
org.forgerock.openig.handler.assertion	Handles the tech preview identity assertion processing.
org.forgerock.openig.handler.router	Provides automated router capability that loads its configurations files (called routes) from a given directory.
org.forgerock.openig.openam	Integration classes specifically for ForgeRock Access Management.
org.forgerock.openig.openam.session	AM Session idle timeout tracking.
org.forgerock.openig.ping.protect	This package contains the components used to integrate with PingOne Protect, to support risk evaluation and routing.
org.forgerock.openig.ping.sideband	Contains every classes related to Ping's sideband API.
org.forgerock.openig.providers	Contains provider interfaces needed by IG to work correctly.
org.forgerock.openig.sql	Provides SQL and JDBC support.
org.forgerock.openig.tools	Common tools used in policy service.
org.forgerock.openig.uma	This package contains the UMA (User Managed Access) components used to support the Uma Resource Server role.
org.forgerock.openig.websocket	WebSocket proxy support.

Uses of Filter in org.forgerock.http.filter

Classes in org.forgerock.http.filter that implement Filter

Modifier and Type	Class	Description
final class	CsrfFilter	A generic filter for preventing cross-site request forgery (CSRF) attacks when using cookie-based authentication.
final class	OptionsFilter	Filter which handles OPTION HTTP requests to CREST resources.
class	TransactionIdInboundFilter	This filter is responsible to create the TransactionIdContext in the context's chain.
class	TransactionIdOutboundFilter	This filter aims to create a sub-transaction's id and inserts that value as a header of the request.

Methods in org.forgerock.http.filter that return Filter

Modifier and Type	Method	Description
static Filter	Filters.chainOf(List<Filter> filters)	Creates a Filter which encapsulates the provided filters into a single Filter.
static Filter	Filters.chainOf(Filter... filters)	Creates a Filter which encapsulates the provided filters into a single Filter.
static Filter	Filters.conditionalFilter(Filter delegate, BiPredicate<Context,Request> condition)	Create a Filter decorator that only delegates to the decorated filter if the supplied predicate returns true.
static Filter	Filters.newAsyncSessionFilter(AsyncSessionManager sessionManager)	Creates a session Filter that will use the provided AsyncSessionManager to manage the users session.
static Filter	Filters.newBearerTokenAuthFilter(SecretReference<GenericSecret> tokenReference)	Creates an authentication Filter that puts a Bearer Authorization header in the request.
static Filter	Filters.newBearerTokenAuthFilterWithoutRetry(SecretReference<GenericSecret> tokenReference)	Creates an authentication Filter that puts a Bearer Authorization header in the request.
static Filter	Filters.newDefaultCsrfFilter(String cookieName)	Creates a filter that protects against cross-site request forgery (CSRF) attacks when using cookies for authentication.
static Filter	Filters.newHttpBasicAuthenticationFilter(String username, SecretReference<GenericSecret> password)	Deprecated, for removal: This API element is subject to removal in a future version. use Filters.newHttpBasicAuthenticationFilter(CredentialPair) instead
static Filter	Filters.newHttpBasicAuthenticationFilter(String username, SecretReference<GenericSecret> password, Charset charset)	Deprecated, for removal: This API element is subject to removal in a future version. use Filters.newHttpBasicAuthenticationFilter(CredentialPair, Charset) instead
static Filter	Filters.newHttpBasicAuthenticationFilter(CredentialPair<GenericSecret> credentialPair)	Creates an authentication Filter that puts a Basic Authorization header in the request.
static Filter	Filters.newHttpBasicAuthenticationFilter(CredentialPair<GenericSecret> credentialPair, Charset charset)	Creates an authentication Filter that puts a Basic Authorization header in the request.
static Filter	Filters.newOptionsFilter(String... allowedMethods)	Creates a Filter which handles HTTP OPTIONS method requests.
static Filter	Filters.newSessionFilter(SessionManager sessionManager)	Deprecated.
static Filter	Filters.newUrlEncodedHttpBasicAuthFilter(String username, SecretReference<GenericSecret> password)	Deprecated, for removal: This API element is subject to removal in a future version. use Filters.newUrlEncodedHttpBasicAuthFilter(CredentialPair) instead
static Filter	Filters.newUrlEncodedHttpBasicAuthFilter(CredentialPair<GenericSecret> credentialPair)	Creates an authentication Filter that put a Basic Authorization header in the request.
static Filter	Filters.requestCopyFilter()	Creates a Filter which creates a defensive copy of the Request - on which the chain of execution will be based on.

Methods in org.forgerock.http.filter with parameters of type Filter

Modifier and Type	Method	Description
static Filter	Filters.chainOf(Filter... filters)	Creates a Filter which encapsulates the provided filters into a single Filter.
static Filter	Filters.conditionalFilter(Filter delegate, BiPredicate<Context,Request> condition)	Create a Filter decorator that only delegates to the decorated filter if the supplied predicate returns true.

Method parameters in org.forgerock.http.filter with type arguments of type Filter

Modifier and Type	Method	Description
static Filter	Filters.chainOf(List<Filter> filters)	Creates a Filter which encapsulates the provided filters into a single Filter.

Uses of Filter in org.forgerock.http.filter.cors

Classes in org.forgerock.http.filter.cors that implement Filter

Modifier and Type	Class	Description
class	CorsFilter	This filters implements the resource processing of the CORS protocol.

Uses of Filter in org.forgerock.http.handler

Methods in org.forgerock.http.handler with parameters of type Filter

Modifier and Type	Method	Description
static DescribableHandler	Handlers.chainOf(Handler handler, Filter... filters)	Creates a Handler which wraps the provided filters around the provided target handler.
static DescribableHandler	Handlers.filtered(Handler handler, Filter filter)	Creates a "filtered handler" instance.

Method parameters in org.forgerock.http.handler with type arguments of type Filter

Modifier and Type	Method	Description
static DescribableHandler	Handlers.chainOf(Handler handler, List<Filter> filters)	Creates a Handler which wraps the provided filters around the provided target handler.

Uses of Filter in org.forgerock.http.oauth2

Classes in org.forgerock.http.oauth2 that implement Filter

Modifier and Type	Class	Description
class	ClientSecretBasicAuthenticationFilter	Deprecated. since 26.2.
class	ClientSecretPostAuthenticationFilter	A Filter implementation to add the credentials to request body for authenticating as per the OAuth 2.0 Authorization Framework specification.
class	EncryptedPrivateKeyJwtClientAuthenticationFilter	A Filter implementation to add the client credentials to request as signed then encrypted private key jwt as per the OpenID Connect Client Authentication specification.
class	PrivateKeyJwtClientAuthenticationFilter	A Filter implementation for adding the client credentials to request as signed private key jwt as per the OpenID Connect Client Authentication specification.
class	ResourceServerFilter	Validates a Request that contains an OAuth 2.0 access token.

Uses of Filter in org.forgerock.http.routing

Classes in org.forgerock.http.routing that implement Filter

Modifier and Type	Class	Description
class	ResourceApiVersionRoutingFilter	API Version routing filter which creates a ApiVersionRouterContext which contains the default routing behaviour when the Accept-API-Version header is set on the request.

Methods in org.forgerock.http.routing that return Filter

Modifier and Type	Method	Description
static Filter	RouteMatchers.resourceApiVersionContextFilter(ResourceApiVersionBehaviourManager behaviourManager)	Creates a Filter which MUST be placed, in the route, before any API Version routing takes place.

Uses of Filter in org.forgerock.http.swagger

Classes in org.forgerock.http.swagger that implement Filter

Modifier and Type	Class	Description
class	OpenApiRequestFilter	This filter looks for the query parameter {code _api} : if present then it returns the API description of the downstream handlers, otherwise the request is processed as expected.

Uses of Filter in org.forgerock.json.resource

Classes in org.forgerock.json.resource that implement Filter

Modifier and Type	Class	Description
class	ResourceApiVersionRoutingFilter	API Version routing filter which creates a ApiVersionRouterContext which contains the default routing behaviour when the Accept-API-Version header is set on the request.

Uses of Filter in org.forgerock.openig.assertion.plugin

Methods in org.forgerock.openig.assertion.plugin that return Filter

Modifier and Type	Method	Description
default Filter	IdentityAssertionPlugin.preProcessingFilter()	Return a Filter to deal with any pre-processing requirements such as challenging the user for credentials by returning a WWW-Authenticate header.
Filter	ScriptableIdentityAssertionPlugin.preProcessingFilter()

Uses of Filter in org.forgerock.openig.assertion.plugin.kerberos

Methods in org.forgerock.openig.assertion.plugin.kerberos that return Filter

Modifier and Type	Method	Description
Filter	KerberosIdentityAssertionPlugin.preProcessingFilter()

Uses of Filter in org.forgerock.openig.decoration.helper

Methods in org.forgerock.openig.decoration.helper with parameters of type Filter

Modifier and Type	Method	Description
protected abstract DecorationHandle	AbstractHandlerAndFilterDecorator.decorateFilter(Filter delegate, JsonValue decoratorConfig, Context context)	Deprecated. Decorates the provided delegate Filter instance with the provided decoratorConfig configuration.

Uses of Filter in org.forgerock.openig.decoration.tracing

Methods in org.forgerock.openig.decoration.tracing that return Filter

Modifier and Type	Method	Description
Filter	TracingDecoratorFactory.FilterFactory.wrap(Filter delegate, String spanName, org.forgerock.openig.tracing.TracingProvider tracingProvider)

Methods in org.forgerock.openig.decoration.tracing that return types with arguments of type Filter

Modifier and Type	Method	Description
Class<Filter>	TracingDecoratorFactory.FilterFactory.getKey()

Methods in org.forgerock.openig.decoration.tracing with parameters of type Filter

Modifier and Type	Method	Description
Filter	TracingDecoratorFactory.FilterFactory.wrap(Filter delegate, String spanName, org.forgerock.openig.tracing.TracingProvider tracingProvider)

Uses of Filter in org.forgerock.openig.filter

Classes in org.forgerock.openig.filter that implement Filter

Modifier and Type	Class	Description
class	AssignmentFilter	Conditionally assigns values to expressions before and after the request is handled.
class	ConditionalFilter	This filter conditionally executes a delegate Filter given the result of a 'condition' function.
class	ConditionEnforcementFilter	An ConditionEnforcementFilter makes sure that the handled Request verifies a condition.
class	CookieFilter	Suppresses, relays and manages cookies.
class	DataPreservationFilter	The DataPreservationFilter supports preserving POSTed data from a request that triggers a login redirect.
final class	DateHeaderFilter	This filter inserts a Date header into the response if it is not present.
class	EntityExtractFilter	Extracts regular expression patterns from a message entity.
class	FileAttributesFilter	Retrieves and exposes a record from a delimiter-separated file.
final class	ForwardedRequestFilter	Rebase the UriRouterContext's Original URI with a computed scheme, host name and port.
class	FragmentFilter	The FragmentFilter supports URIs that contain fragments, keeping track of the fragment part when a request triggers a login redirect.
class	HeaderFilter	Removes headers from and adds headers to a message.
class	HttpAccessAuditFilter	This filter aims to send some access audit events to the AuditService managed as a CREST handler.
class	HttpBasicAuthFilter	Performs authentication through the HTTP Basic authentication scheme.
class	JwtBuilderFilter	The JwtBuilderFilter collects data from template and puts the name-value pairs into a JWT structure.
class	LocationHeaderFilter	Rewrites Location headers on responses that generate a redirect that would take the user directly to the application being proxied rather than taking the user through the Identity Gateway.
class	LogAttachedExceptionFilter	A LogAttachedExceptionFilter prints attached exceptions to filtered responses.
class	MdcRouteIdFilter	A MdcRouteIdFilter aims to prepare the current thread with SLF4J MDC information about the current route.
final class	MetricsFilter	Collect request processing metrics.
final class	RetryFilter	A RetryFilter is responsible for re-executing the incoming request should it fail with a runtime exception, if an optional runtime exception retry condition evaluates to true, or if an optional condition expression evaluates to true.
class	ScriptableFilter	A scriptable filter.
class	SetCookieUpdateFilter	This filter allows modification of response cookie attribute values for cookies found in the Set-Cookies header.
class	SplitCookieFilter	Split a target cookie that is bigger than 4Kb (see RFC 6265) in smaller cookies.
class	StaticRequestFilter	Creates a new request and send it down the next handler (effectively replacing the previous request).
class	SwitchFilter	Conditionally diverts the request to another handler.
class	UriPathRewriteFilter	Filter supporting URL path rewriting.

Methods in org.forgerock.openig.filter that return Filter

Modifier and Type	Method	Description
Filter	RetryFilter.Builder.build()	Build the RetryFilter.

Constructors in org.forgerock.openig.filter with parameters of type Filter

Modifier	Constructor	Description
	ConditionalFilter(Filter delegate, boolean condition)	Constructs a ConditionalFilter.
	ConditionalFilter(Filter delegate, AsyncFunction<ContextAndRequest,Boolean,Exception> condition)	Constructs a ConditionalFilter.

Uses of Filter in org.forgerock.openig.filter.allow

Classes in org.forgerock.openig.filter.allow that implement Filter

Modifier and Type	Class	Description
class	AllowOnlyFilter	This filter authorizes a request to continue processing if any of the declared rules is satisfied (logical or).

Uses of Filter in org.forgerock.openig.filter.circuitbreaker

Classes in org.forgerock.openig.filter.circuitbreaker that implement Filter

Modifier and Type	Class	Description
class	CircuitBreakerFilter	Filter implementing the Circuit Breaker pattern to avoid cascading failures.

Uses of Filter in org.forgerock.openig.filter.finance

Classes in org.forgerock.openig.filter.finance that implement Filter

Modifier and Type	Class	Description
class	FapiInteractionIdFilter	A FapiInteractionIdFilter is responsible to manage the FapiInteractionIdFilter.FAPI_INTERACTION_ID header value.

Uses of Filter in org.forgerock.openig.filter.jwt

Classes in org.forgerock.openig.filter.jwt that implement Filter

Modifier and Type	Class	Description
class	JwtValidationFilter	A JwtValidationFilter validates the given JWT according to the provided configuration.

Uses of Filter in org.forgerock.openig.filter.oauth2

Classes in org.forgerock.openig.filter.oauth2 that implement Filter

Modifier and Type	Class	Description
class	OAuth2TokenExchangeFilter	Filter supporting OAuth2 token exchange scenarios.

Uses of Filter in org.forgerock.openig.filter.oauth2.client

Classes in org.forgerock.openig.filter.oauth2.client that implement Filter

Modifier and Type	Class	Description
class	ClientRegistrationFilter	The client registration filter is the way to dynamically register an OpenID Connect Relying Party with the End-User's OpenID Provider.
class	DiscoveryFilter	In order for an OpenID Connect Relying Party to utilize OpenID Connect services for an End-User, the RP needs to know where the OpenID Provider is.
class	GrantSwapJwtAssertionOAuth2ClientFilter	Creates and initializes a Filter supporting the transformation of a request - e.g.
final class	OAuth2ClientFilter	A filter which is responsible for authenticating the end-user using OAuth 2.0 delegated authorization.

Uses of Filter in org.forgerock.openig.filter.oauth2.client.authentication

Methods in org.forgerock.openig.filter.oauth2.client.authentication that return Filter

Modifier and Type	Method	Description
protected Filter	ClientSecretBasicAuthenticationFilterHeaplet.createFilter(CredentialPair<GenericSecret> credentialPair)
protected Filter	ClientSecretPostAuthenticationFilterHeaplet.createFilter(CredentialPair<GenericSecret> credentialPair)

Uses of Filter in org.forgerock.openig.filter.oauth2.cnf

Classes in org.forgerock.openig.filter.oauth2.cnf that implement Filter

Modifier and Type	Class	Description
class	CertificateThumbprintFilter	A filter that evaluates a required EL expression to establish the client certificate from both context and request, then calculates the thumbprint for that certificate (sha-256 hash and base64 url encoding) before storing it in the attributes context for later retrieval in downstream components.

Uses of Filter in org.forgerock.openig.filter.throttling

Classes in org.forgerock.openig.filter.throttling that implement Filter

Modifier and Type	Class	Description
class	ThrottlingFilter	This filter applies a rate limitation to incoming requests : over the limit requests will be rejected with a 429 (Too Many Requests) response, others will pass through.

Uses of Filter in org.forgerock.openig.handler

Methods in org.forgerock.openig.handler that return types with arguments of type Filter

Modifier and Type	Method	Description
protected final Optional<Filter>	HttpClientHandlerHeaplet.circuitBreakerFilter(JsonValue config)	Create a circuit breaker filter from configurations.
protected List<Filter>	ClientHandlerHeaplet.filters(Options options)
protected abstract List<Filter>	HttpClientHandlerHeaplet.filters(Options options)	Returns a list of Filter that will be executed on every request before the HttpClientHandler.
protected List<Filter>	ReverseProxyHandlerHeaplet.filters(Options options)
protected final Optional<Filter>	HttpClientHandlerHeaplet.retryFilter(JsonValue config, org.forgerock.monitoring.api.instrument.MeterRegistry meterRegistry)	Returns a RetryFilter if the provided configuration enabled its usage, or empty if not.

Uses of Filter in org.forgerock.openig.handler.assertion

Methods in org.forgerock.openig.handler.assertion that return Filter

Modifier and Type	Method	Description
default Filter	IdentityAssertionPluginTechPreview.preProcessingFilter()	Return a Filter to deal with any pre-processing requirements.
Filter	ScriptableIdentityAssertionPluginTechPreview.preProcessingFilter()

Uses of Filter in org.forgerock.openig.handler.router

Classes in org.forgerock.openig.handler.router that implement Filter

Modifier and Type	Class	Description
class	NullResponseFilter	This class is used to filter null responses.

Uses of Filter in org.forgerock.openig.openam

Classes in org.forgerock.openig.openam that implement Filter

Modifier and Type	Class	Description
class	AbstractConditionAdviceFilter	Abstract Filter base class providing policy condition advice support.
class	CapturedUserPasswordFilter	The CapturedUserPasswordFilter is responsible for retrieving the user password from AM and to decrypt it.
class	CdSsoConditionAdviceFilter	This filter handles any condition advices returned from AM during a policy evaluation, which one will depend on the policy.
class	CrossDomainSingleSignOnFilter	This filter verifies the presence of a JWT authentication token in the configured cookie name: If the JWT is present then its validity is checked and the request is forwarded to the next handler. If the JWT is not present, then the user-agent is redirected to Access Management via its OAuth2 authorization endpoint, to obtain user authentication.
class	PolicyEnforcementFilter	This filter requests policy decisions from Access Management which evaluates the original URI based on the context and the policies configured, and according to the decisions, allows or denies the current request.
class	SessionInfoFilter	This filter requests user session info from Access Management and stores it on the context for later use.
class	SingleSignOnFilter	This filter verifies the presence of a SSOToken in the given cookie name.
class	TokenTransformationFilter	A TokenTransformationFilter is responsible for transforming a token issued by Access Management into a token of another type.
class	UserProfileFilter	This filter requests user profile attributes from Access Management and stores them in the context for later use.

Uses of Filter in org.forgerock.openig.openam.session

Classes in org.forgerock.openig.openam.session that implement Filter

Modifier and Type	Class	Description
class	AmSessionIdleTimeoutFilter	This filter will track the AM sessions (stateless or stateful) and will revoke them if their idle timeout goes over a defined limit.

Uses of Filter in org.forgerock.openig.ping.protect

Classes in org.forgerock.openig.ping.protect that implement Filter

Modifier and Type	Class	Description
class	PingOneProtectDeviceProfileFilter	If configured and enabled, the PingOneProtectDeviceProfileFilter gathers a "device profile" from the client for the purpose of providing additional evaluation signals to PingOne Protect.
class	PingOneProtectEvaluationFilter	The PingOneProtectEvaluationFilter supports integration with PingOne Protect.
class	PingOneProtectFeedbackFilter	The PingOneProtectFeedbackFilter provides a feedback mechanism to capture the outcome of actions completed as a result of the risk evaluation.

Uses of Filter in org.forgerock.openig.ping.sideband

Classes in org.forgerock.openig.ping.sideband that implement Filter

Modifier and Type	Class	Description
class	SidebandApiFilter	Sends the requests and responses to the Ping Sideband API, then processes its decisions and accept/reject/rewrite requests and responses.

Uses of Filter in org.forgerock.openig.providers

Methods in org.forgerock.openig.providers that return Filter

Modifier and Type	Method	Description
Filter	WebSocketProxyFilterProvider.newWebSocketHandshakeDetectorFilter()	Create a new Filter to detect WebSocket upgrade.
Filter	WebSocketProxyFilterProvider.newWebSocketProxyFilter(Options options, org.forgerock.monitoring.api.instrument.MeterRegistry meterRegistry)	Create a new Filter to manage WebSocket upgrade requests, and manage subsequent communication.

Uses of Filter in org.forgerock.openig.sql

Classes in org.forgerock.openig.sql that implement Filter

Modifier and Type	Class	Description
class	SqlAttributesFilter	Executes a SQL query through a prepared statement and exposes its first result.

Uses of Filter in org.forgerock.openig.tools

Classes in org.forgerock.openig.tools that implement Filter

Modifier and Type	Class	Description
class	ApiVersionProtocolHeaderFilter	This filter overrides the protocol version in Accept-Api-Version header.
class	HeadlessAuthenticationFilter	Provides an OpenAM SSO Token in the given header name for downstream components.
class	InsertSsoTokenHeaderFilter	This filter is responsible to check that an @InternalSsoTokenContext was defined in the context's chain and to propagate the SSO token (potentially not valid) into the request as a header.
class	InvalidCallerTokenDetectionFilter	An InvalidCallerTokenDetectionFilter provides a mechanism that allows IG to detect an incorrect response and trigger a token refresh before making the request again with the updated token.

Uses of Filter in org.forgerock.openig.uma

Classes in org.forgerock.openig.uma that implement Filter

Modifier and Type	Class	Description
class	UmaResourceServerFilter	An UmaResourceServerFilter implements a PEP (Policy Enforcement Point) and is responsible to ensure the incoming requests (from requesting parties) all have a valid RPT (Request Party Token) with the required set of scopes.

Uses of Filter in org.forgerock.openig.websocket

Methods in org.forgerock.openig.websocket that return Filter

Modifier and Type	Method	Description
Filter	WebSocketProxyFilterProviderImpl.newWebSocketHandshakeDetectorFilter()
Filter	WebSocketProxyFilterProviderImpl.newWebSocketProxyFilter(Options options, org.forgerock.monitoring.api.instrument.MeterRegistry meterRegistry)