<login-config>
        <auth-method>FORM</auth-method>
        <realm-name>file</realm-name>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/error.jsp</form-error-page>
        </form-login-config>
    </login-config>

 protected   void  processRequest(HttpServletRequest request, HttpServletResponse response)
             throws  ServletException, IOException {
        //get User Data
    } 

@WebFilter(servletNames = {"Controller"})
 public   class  SessionTimeoutFilter  implements  Filter {

    @Override
     public   void  doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws  IOException, ServletException {

        HttpServletRequest req = (HttpServletRequest) request;
        HttpSession session = req.getSession(false);
        String userPath = req.getServletPath();
         if  (userPath.equals("/if j_security_check"))
        {
             //get user data
        }

        chain.doFilter(request, response);
    }

    @Override
     public   void  init(FilterConfig filterConfig)  throws  ServletException {}

    @Override
     public   void  destroy() {}

}

@WebFilter(filterName="NewFilter", urlPatterns={"/if j_security_check"})
 public   class  NewFilter  implements  Filter {
     private   static   final   boolean  debug = true;
    // The filter configuration object we are associated with.  If
    // this value is null, this filter instance is not currently
    // configured. 
     private  FilterConfig filterConfig =  null ;

  
     public   void  doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain)
	 throws  IOException, ServletException {
        
        chain.doFilter(request, response);
         int  status = response.getStatus();
         if  {status =  200 ){
               //get user data
        } 
        
    }

    @Override
     public   void  init(FilterConfig filterConfig)  throws  ServletException {
         throw   new  UnsupportedOperationException("Not supported yet.");
    }

    @Override
     public   void  destroy() {
         throw   new  UnsupportedOperationException("Not supported yet.");
    }

}

 package  filter;
 import  java.io.IOException;
 import  javax.servlet.Filter;
 import  javax.servlet.FilterChain;
 import  javax.servlet.FilterConfig;
 import  javax.servlet.ServletException;
 import  javax.servlet.ServletRequest;
 import  javax.servlet.ServletResponse;
 import  javax.servlet.annotation.WebFilter;
 import  javax.servlet.http.HttpServletRequest;
 import  javax.servlet.http.HttpServletResponse;

@WebFilter(filterName="LoginFilter", urlPatterns={"/j_security_check"})
 public   class  LoginFilter  implements  Filter {
     public   void  doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain)
	 throws  IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
	 try  {
              chain.doFilter(request, response);
               int  status =  ((HttpServletResponse) response).getStatus();
               if  (status ==  200 ){
               //get user data
                httpRequest.getSession().setAttribute("status", status);
               } 
	}
	 catch (Throwable t) {
	    t.printStackTrace();
	}
    }

    @Override
     public   void  init(FilterConfig filterConfig) {}
    @Override
     public   void  destroy() {}
}

<p>status=${status}</p>