Servlet Specification 2.3 introduced many new features. One of them, used for Single Sign-On (SSO) implementations, is the Servlet Filter. The image below outlines how servlet filters can intercept request and response headers before the content reaches its destination.
Servlet Filters can intercept an incoming request and check its header variables. They can also make dynamic decisions after validating the HTTP headers.
How Servlet Filters can be used for SSO:
Agents responsible for providing SSO functionality use Servlet Filters to intercept every request before it hits the destination. The filter reads the session header variable in the request and checks it against the Session Manager of the Access Control product. If the session in the request is valid, the filter passes the request to the other components of the agent for further processing, such as role validation. If the session is not valid, the user is redirected to the login page. In the diagram below I have tried to detail some of the J2EE agent components.
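
A filter that follows the flow described above, written as an added example and not taken from the original post or from any agent product. The `SessionManager` interface, the `X-SSO-Session` header, the `/login` path, and the `ssoSessionManager` and `sso.user` attribute names are all assumptions made for illustration.

```java
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;

public class SsoSessionFilter implements Filter {

    /** Hypothetical stand-in for the access control product's Session Manager client. */
    public interface SessionManager {
        /** Returns the user id bound to the token, or null if the session is unknown or expired. */
        String validate(String token) throws IOException;
    }

    private static final String TOKEN_HEADER = "X-SSO-Session"; // assumed header name
    private static final String LOGIN_PATH = "/login";          // assumed, fixed login page
    private SessionManager sessionManager;

    public void init(FilterConfig config) throws ServletException {
        // Assumption: the agent's bootstrap code stored a client in the ServletContext.
        sessionManager = (SessionManager) config.getServletContext().getAttribute("ssoSessionManager");
        if (sessionManager == null) {
            // Refuse to start rather than run with no way to validate sessions.
            throw new ServletException("Session Manager client not configured");
        }
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String token = request.getHeader(TOKEN_HEADER);
        String user = null;
        if (token != null && token.length() > 0) {
            try {
                user = sessionManager.validate(token);
            } catch (IOException e) {
                user = null; // fail closed: an unreachable Session Manager counts as "not valid"
            }
        }
        if (user == null) {
            // Fixed, application-relative target; nothing from the request is copied into the URL.
            response.sendRedirect(request.getContextPath() + LOGIN_PATH);
            return; // the chain is never invoked, so the destination does not see the request
        }
        request.setAttribute("sso.user", user); // assumed name, read by later steps such as role validation
        chain.doFilter(request, response);
    }

    public void destroy() { }
}
```

Map the filter in `web.xml` to the protected URL patterns only; if the mapping also covers the login page, the redirect loops.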