tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Varrun Ramani <>
Subject writing tomcat filters
Date Mon, 25 Jun 2012 22:04:26 GMT

I am in the process developing a web application firewall(WAF) for
tomcat similar to what mod security does, and am planning to use the
filter API already present in tomcat to intercept requests and do the
filtering. While going through the documentation for filters and
several examples, I see that there already exist many filters already
present as part of tomcat (e.g. CSRF filter). I had a few
doubts/questions regarding this. I hope someone can help shed light on
1. If I were to include a new filter using
org.apache.catalina.filters.FilterBase , do I have to build tomcat to
make use of the filter functionality or is it possible to do so
without building it?
2. Have their been prior attempts at developing a WAF for tomcat?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message