Integration Server 10.3 | Integration Server Administrator's Guide | Configuring webMethods Enterprise Gateway | About Custom Filter
 
About Custom Filter
You can use the custom filter to invoke a service that is available on the Enterprise Gateway Server.
You can use this capability to customize and invoke services in the Enterprise Gateway Server to perform actions such as custom authentication of external clients in the DMZ, logging or auditing in the DMZ, or implementation of custom rules for processing various payloads.
Using the custom service implementation, you can extract the HTTP headers and payload from a request and act on it as per your business requirements. Upon processing the headers, you can choose to forward the request to the internal server or deny the request and return an error message to the user.
Consider the following example: When a client request to the Enterprise Gateway Server contains only the host:port part of the request URL, the logon screen of the Internal Server appears by default. If you want to prevent access to the Internal Server through request URLs that contain only the host:port part, you can create an Enterprise Gateway rule with a custom filter to deny such requests.
You can also use the pub.flow:setResponseHeaders and pub.flow:setResponseCode services to add custom headers to the response and to set customized response codes.
Keep the following points in mind when creating an Enterprise Gateway rule with the custom filter:
*Integration Server processes the incoming payload at Enterprise Gateway only if the custom logic in the service requires it to be processed.
*Integration Server duplicates the incoming payload of a request, by default and processes the complete request. When you create an Enterprise Gateway rule, clear the check box, Clone the Payload under Custom Filter so that Integration Server can process only the header information without duplicating the incoming payload.
*Use the pub.security.enterprisegateway:customFilterSpec specification as the signature of the custom service. For more details about the specification, see webMethods Integration Server Built-In Services Reference pub.security.enterpriseGateway:customFilterSpec.
*The custom filter is the last filter that the Enterprise Gateway Server will check while processing an Enterprise Gateway rule.
*An Enterprise Gateway rule that contains the custom filter that is enabled must be a denial rule. Enterprise Gateway Server automatically converts an alert rule into a denial rule when you enable the custom filter.