First Party Configuration | HUMAN Documentation

First-Party will allow the sensor to be served from your domain. Using the First-Party mode is recommended. By enabling first party mode on the java SDK you will achieve:

Improved performance - Serving the sensor as part of the standard site content removes the need to open a new connection to PerimeterX servers when a page is loaded. Improved detection - Third party content may be blocked by certain browser plugins and privacy addons. The First-Party sensor leads directly to improved detection, as seen with customers who previously moved from Third Party sensor to First-Party sensor.

Integration

RequestWrapper - Reading HttpServletRequest is limited to one time only. This class will read the request and will set its body on the body var. This enables multiple reading of the body request.

ResponseWrapper - Using this wrapper enables reading the response body multiple times

1 public class PXFilter implements Filter {
2 
3     private PerimeterX enforcer;
4 
5     public void init(FilterConfig filterConfig) throws ServletException {
6         try {
7             PXConfiguration config = new PXConfiguration.Builder()
8                     .appId("PXaBcDeFgH")
9                     .cookieKey("COOKIE_KEY")
10                     .authToken("AUTH_TOKEN")
11                     .build();
12             this.enforcer = new PerimeterX(config);
13         } catch (PXException e) {
14             e.printStackTrace();
15             System.exit(1);
16         }
17     }
18 
19     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
20         // The request wrapper enables to read the request multiple times.
21         request = new RequestWrapper((HttpServletRequest) request);
22      
23         try {
24             PXContext pxContext = this.enforcer.pxVerify((HttpServletRequest) servletRequest, new HttpServletResponseWrapper((HttpServletResponse) servletResponse));
25 
26             boolean isHandledResponse = pxContext.isHandledResponse();
27             if (isHandledResponse) {
28                 return;
29             }
30 
31             filterChain.doFilter(servletRequest, servletResponse);
32 
33          // This enables to read the response, it should happen after the response was already sent to the client
34             response = new ResponseWrapper((HttpServletResponse) response);
35          pxFilter.pxPostVerify((ResponseWrapper) response, context);
36         } catch (Exception e) {
37             // Fail open in case of Exception
38             filterChain.doFilter(servletRequest, servletResponse);
39         }
40     }
41 
42     public void destroy() {
43 
44     }
45 }

1 <web-app>
2   <filter>
3      <filter-name>PXFilter</filter-name>
4      <display-name>PXFilter</display-name>
5      <filter-class>com.webapp.filters.PXFilter</filter-class>
6   </filter>
7 
8   <!-- Either apply PXFilter on all traffic -->
9   <filter-mapping>
10      <filter-name>PXFilter</filter-name>
11      <url-pattern>/</url-pattern>
12   </filter-mapping>
13 
14   <!-- OR apply PXFilter on first party routes only, also remember to apply a filter on the rest of the traffic -->
15   <filter-mapping>
16      <filter-name>PXFilter</filter-name>
17      <!-- Use the app id from the configurations with PX prefix -->
18      <url-pattern>/aBcDeFgH</url-pattern>
19   </filter-mapping>
20 </web-app>