Installation

Artifact	Servlet API	Use when
`perimeterx-sdk`	`javax.servlet` (Java EE 8)	Spring Boot 2.x, Tomcat 9 and earlier
`perimeterx-sdk-jakarta`	`jakarta.servlet` (Jakarta EE 9+)	Spring Boot 3.x, Tomcat 10+

Artifact

Servlet API

Use when

perimeterx-sdk

javax.servlet (Java EE 8)

Spring Boot 2.x, Tomcat 9 and earlier

perimeterx-sdk-jakarta

jakarta.servlet (Jakarta EE 9+)

Spring Boot 3.x, Tomcat 10+

Prerequisites

JDK: There are different JDK requirements depending on the artifact:

perimeterx-sdk (javax): JDK 1.7 or higher
perimeterx-sdk-jakarta: JDK 17 or higher (required by Jakarta Servlet 6/Spring Boot 3).

If you are using a Java version earlier than 8u161, you may need to install the JCE Unlimited Strength Policy files to enable unlimited strength cryptography. If you don’t do this, you may see Unlimited Strength Jurisdiction Policy errors on startup. This is enabled by default in Java version 9 and later.

Your unique HUMAN information:

Your Application ID. You can find this under Platform Settings > Applications > Overview in the HUMAN console. If you have multiple environments, you will also have multiple Application IDs, so be sure to choose the correct ID for the environment you want to install on.
Your Server Token. You can find this under Platform Settings > Applications, then selecting an application and navigating to Application settings > Server token.
Your Risk Cookie Key. You can find this under Bot Defender > Policies > Policy Settings > Policy Information.

Installation

Java EE (javax.servlet)

Jakarta EE (jakarta.servlet)

Use this artifact for Spring Boot 2.x, Tomcat 9 and earlier, and other stacks that still use the javax.servlet namespace.

Add the SDK dependency

Add the following dependency to your pom.xml or build.gradle file:

1 <!-- Add perimeterx-sdk to pom.xml -->
2 <dependency>
3    <groupId>com.perimeterx</groupId>
4    <artifactId>perimeterx-sdk</artifactId>
5    <version>${VERSION}</version>
6 </dependency>

Integrate the Enforcer as a Servlet Filter

Create a filter that intercepts all incoming requests and verifies them with HUMAN. Be sure to include your HUMAN Application ID, Server Token, and Cookie Key.

You only need to include the responseWrapper section found at the end of the code example if you use Credentials Intelligence.

Servlet version >= 3.0

Servlet version < 3.0

Integration example

1 import com.perimeterx.api.PerimeterX;
2 import com.perimeterx.http.RequestWrapper;
3 import com.perimeterx.http.ResponseWrapper;
4 import com.perimeterx.models.PXContext;
5 import com.perimeterx.models.configuration.ModuleMode;
6 import com.perimeterx.models.configuration.PXConfiguration;
7 import com.perimeterx.models.exceptions.PXException;
8 import javax.servlet.*;
9 import javax.servlet.annotation.WebFilter;
10 import javax.servlet.http.HttpServletRequest;
11 import javax.servlet.http.HttpServletResponse;
12 import javax.servlet.http.HttpServletResponseWrapper;
13 import java.io.IOException;
14 
15 @WebFilter("/*")
16 public class HumanFilter implements Filter {
17    private PerimeterX enforcer;
18    @Override
19    public void init(FilterConfig filterConfig) throws ServletException {
20          try {
21             PXConfiguration config = PXConfiguration.builder()
22                     .appId("<APP_ID>") // replace with your HUMAN Application ID
23                     .cookieKey("<COOKIE_KEY>") // replace with your HUMAN Cookie Key
24                     .authToken("<AUTH_TOKEN>") // replace with your HUMAN Server Token
25                     .moduleMode(ModuleMode.BLOCKING)
26                     .build();
27             this.enforcer = new PerimeterX(config);
28          } catch (PXException e) {
29             throw new ServletException("Failed to initialize HUMAN Enforcer", e);
30          }
31    }
32    @Override
33    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
34                         FilterChain filterChain) throws IOException, ServletException {
35          HttpServletRequest req = (HttpServletRequest) servletRequest;
36          HttpServletResponse resp = (HttpServletResponse) servletResponse;
37 
38          try {
39          // Wrap the request to allow reading the body multiple times
40          req = new RequestWrapper(req);
41          // Verify the request with HUMAN
42          PXContext ctx = enforcer.pxVerify(req, new HttpServletResponseWrapper(resp));
43   
44          // Block or First Party
45          if (ctx != null && ctx.isHandledResponse()) {
46               return;
47          }
48   
49          // Pass request
50          filterChain.doFilter(req, resp);
51           
52          // Post-verify for login response validation (Credentials Intelligence)
53          ResponseWrapper responseWrapper = new ResponseWrapper(resp);
54          enforcer.pxPostVerify(responseWrapper, ctx);
55          } catch (Exception e) {
56             // Fail open in case of Exception
57             filterChain.doFilter(servletRequest, servletResponse);
58          }
59    }
60 }

Artifact	Servlet API	Use when
`perimeterx-sdk`	`javax.servlet` (Java EE 8)	Spring Boot 2.x, Tomcat 9 and earlier
`perimeterx-sdk-jakarta`	`jakarta.servlet` (Jakarta EE 9+)	Spring Boot 3.x, Tomcat 10+

Artifact

Servlet API

Use when

perimeterx-sdk

javax.servlet (Java EE 8)

Spring Boot 2.x, Tomcat 9 and earlier

perimeterx-sdk-jakarta

jakarta.servlet (Jakarta EE 9+)

Spring Boot 3.x, Tomcat 10+

Prerequisites

JDK: There are different JDK requirements depending on the artifact:

perimeterx-sdk (javax): JDK 1.7 or higher
perimeterx-sdk-jakarta: JDK 17 or higher (required by Jakarta Servlet 6/Spring Boot 3).

Your unique HUMAN information:

Your Application ID. You can find this under Platform Settings > Applications > Overview in the HUMAN console. If you have multiple environments, you will also have multiple Application IDs, so be sure to choose the correct ID for the environment you want to install on.
Your Server Token. You can find this under Platform Settings > Applications, then selecting an application and navigating to Application settings > Server token.
Your Risk Cookie Key. You can find this under Bot Defender > Policies > Policy Settings > Policy Information.

Installation

Java EE (javax.servlet)

Jakarta EE (jakarta.servlet)

Use this artifact for Spring Boot 2.x, Tomcat 9 and earlier, and other stacks that still use the javax.servlet namespace.

Add the SDK dependency

Add the following dependency to your pom.xml or build.gradle file:

1 <!-- Add perimeterx-sdk to pom.xml -->
2 <dependency>
3    <groupId>com.perimeterx</groupId>
4    <artifactId>perimeterx-sdk</artifactId>
5    <version>${VERSION}</version>
6 </dependency>

Integrate the Enforcer as a Servlet Filter

Create a filter that intercepts all incoming requests and verifies them with HUMAN. Be sure to include your HUMAN Application ID, Server Token, and Cookie Key.

You only need to include the responseWrapper section found at the end of the code example if you use Credentials Intelligence.

Servlet version >= 3.0

Servlet version < 3.0

Integration example

1 import com.perimeterx.api.PerimeterX;
2 import com.perimeterx.http.RequestWrapper;
3 import com.perimeterx.http.ResponseWrapper;
4 import com.perimeterx.models.PXContext;
5 import com.perimeterx.models.configuration.ModuleMode;
6 import com.perimeterx.models.configuration.PXConfiguration;
7 import com.perimeterx.models.exceptions.PXException;
8 import javax.servlet.*;
9 import javax.servlet.annotation.WebFilter;
10 import javax.servlet.http.HttpServletRequest;
11 import javax.servlet.http.HttpServletResponse;
12 import javax.servlet.http.HttpServletResponseWrapper;
13 import java.io.IOException;
14 
15 @WebFilter("/*")
16 public class HumanFilter implements Filter {
17    private PerimeterX enforcer;
18    @Override
19    public void init(FilterConfig filterConfig) throws ServletException {
20          try {
21             PXConfiguration config = PXConfiguration.builder()
22                     .appId("<APP_ID>") // replace with your HUMAN Application ID
23                     .cookieKey("<COOKIE_KEY>") // replace with your HUMAN Cookie Key
24                     .authToken("<AUTH_TOKEN>") // replace with your HUMAN Server Token
25                     .moduleMode(ModuleMode.BLOCKING)
26                     .build();
27             this.enforcer = new PerimeterX(config);
28          } catch (PXException e) {
29             throw new ServletException("Failed to initialize HUMAN Enforcer", e);
30          }
31    }
32    @Override
33    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
34                         FilterChain filterChain) throws IOException, ServletException {
35          HttpServletRequest req = (HttpServletRequest) servletRequest;
36          HttpServletResponse resp = (HttpServletResponse) servletResponse;
37 
38          try {
39          // Wrap the request to allow reading the body multiple times
40          req = new RequestWrapper(req);
41          // Verify the request with HUMAN
42          PXContext ctx = enforcer.pxVerify(req, new HttpServletResponseWrapper(resp));
43   
44          // Block or First Party
45          if (ctx != null && ctx.isHandledResponse()) {
46               return;
47          }
48   
49          // Pass request
50          filterChain.doFilter(req, resp);
51           
52          // Post-verify for login response validation (Credentials Intelligence)
53          ResponseWrapper responseWrapper = new ResponseWrapper(resp);
54          enforcer.pxPostVerify(responseWrapper, ctx);
55          } catch (Exception e) {
56             // Fail open in case of Exception
57             filterChain.doFilter(servletRequest, servletResponse);
58          }
59    }
60 }

1	<!-- Add perimeterx-sdk to pom.xml -->
2	<dependency>
3	<groupId>com.perimeterx</groupId>
4	<artifactId>perimeterx-sdk</artifactId>
5	<version>${VERSION}</version>
6	</dependency>

1	import com.perimeterx.api.PerimeterX;
2	import com.perimeterx.http.RequestWrapper;
3	import com.perimeterx.http.ResponseWrapper;
4	import com.perimeterx.models.PXContext;
5	import com.perimeterx.models.configuration.ModuleMode;
6	import com.perimeterx.models.configuration.PXConfiguration;
7	import com.perimeterx.models.exceptions.PXException;
8	import javax.servlet.*;
9	import javax.servlet.annotation.WebFilter;
10	import javax.servlet.http.HttpServletRequest;
11	import javax.servlet.http.HttpServletResponse;
12	import javax.servlet.http.HttpServletResponseWrapper;
13	import java.io.IOException;
14
15	@WebFilter("/*")
16	public class HumanFilter implements Filter {
17	private PerimeterX enforcer;
18	@Override
19	public void init(FilterConfig filterConfig) throws ServletException {
20	try {
21	PXConfiguration config = PXConfiguration.builder()
22	.appId("<APP_ID>") // replace with your HUMAN Application ID
23	.cookieKey("<COOKIE_KEY>") // replace with your HUMAN Cookie Key
24	.authToken("<AUTH_TOKEN>") // replace with your HUMAN Server Token
25	.moduleMode(ModuleMode.BLOCKING)
26	.build();
27	this.enforcer = new PerimeterX(config);
28	} catch (PXException e) {
29	throw new ServletException("Failed to initialize HUMAN Enforcer", e);
30	}
31	}
32	@Override
33	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
34	FilterChain filterChain) throws IOException, ServletException {
35	HttpServletRequest req = (HttpServletRequest) servletRequest;
36	HttpServletResponse resp = (HttpServletResponse) servletResponse;
37
38	try {
39	// Wrap the request to allow reading the body multiple times
40	req = new RequestWrapper(req);
41	// Verify the request with HUMAN
42	PXContext ctx = enforcer.pxVerify(req, new HttpServletResponseWrapper(resp));
43
44	// Block or First Party
45	if (ctx != null && ctx.isHandledResponse()) {
46	return;
47	}
48
49	// Pass request
50	filterChain.doFilter(req, resp);
51
52	// Post-verify for login response validation (Credentials Intelligence)
53	ResponseWrapper responseWrapper = new ResponseWrapper(resp);
54	enforcer.pxPostVerify(responseWrapper, ctx);
55	} catch (Exception e) {
56	// Fail open in case of Exception
57	filterChain.doFilter(servletRequest, servletResponse);
58	}
59	}
60	}