IG 2023.2


The DataPreservationFilter triggers POST data preservation when an unauthenticated client posts HTML form data to a protected resource.

When an authentication redirect is triggered, the filter stores the data in the HTTP session, and redirects the client for authentication. After authentication, the filter generates an empty self-submitting form POST to emulate the original POST. It then replays the stored data into the request before passing it along the chain.

The data can be any POST content, such as HTML form data or a file upload.

For more information, refer to POST data preservation.


  "type": "DataPreservationFilter",
  "config": {
    "noJavaScriptMessage": configuration expression<string>,
    "maxContentLength": configuration expression<positive integer>


"noJavaScriptMessage": configuration expression<string>, optional

JavaScript is used to replay the preserved data from the original POST that triggered the login redirect. This property configures a message to display if the user-agent does not support JavaScript.

Default: Javascript is disabled in your browser, click on this button to replay the preserved original request

"maxContentLength": configuration expression<positive integer>, optional

The maximum number of bytes of POST data the filter can preserve. The size is taken from the Content-Length header.

Default: 4096


For an example of use, refer to POST data preservation.

Copyright © 2010-2023 ForgeRock, all rights reserved.