Restricting Access Based on Password
At this point, you've made use of the response object in filters, but filters can also work with the request object, as WebLogger does. Using the request object lets you handle data on its way to the filtered web resource. For instance, one of the most popular uses of filters is to restrict access to web resources based on password; take a look at Figure 6.4, where an HTML page, login.html, is asking the user for his password.
Figure 6.4. Restricting access-based passwords with a filter.
If the user enters the correct password, he's OK'd by the filter, which passes control on to a JSP ...