This is a Java servlet filter (as per Servlet API 2.3). This filter implements a well known generic approach for setting access restrictions in your web applications. And this approach is completely application servers/vendors independent.

When the user login to the application, you can store an attribute in your session scope or add a special cookie. Then access restriction filter would intercept all the requests and verify the session content or cookie content. And if the verification results failed, filter forwards the user to your login page. This would prevent unauthorized user to access the jsp pages.