Implementing servlets

The PolicyCenter servlet implementation uses standard Java classes in the package javax.servlet.http to define the servlet request and response. The base class for your servlet must extend javax.servlet.http.HttpServlet directly, or extend a subclass of HttpServlet. The typical servlet methods that you implement have javax.servlet.http.HttpServletRequest and javax.servlet.http.HttpServletResponse objects as parameters.

Extending the base class javax.servlet.http.HttpServlet provides no inherent security for the servlet. By default, users can trigger servlet code without authenticating. Accessing PolicyCenter without authentication is security risk in a production system.

Warning: You must add your own authentication system for servlets to protect information and data integrity. If you have any questions about server security, contact Guidewire Customer Support.

PolicyCenter includes abstract classes that you can extend to provide authentication in the gw.servlet package. If you need your servlet to perform tasks other than simple authentication, you can use static methods on the utility class, gw.servlet.ServletUtils.

During the development of your servlet, you can send debug messages to the Studio console by using the print function. When your development is complete, you can use a logger to track information about the servlet usage. You retrieve the appropriate logger by calling the forCategory method in the gw.api.system.PCLoggerCategory class.