Servlet filter-name OidcFilter issues

Hi all
I have a Java servlet application where on the front page it has a login which we want to convert to OKTA.
We are planning to still have a username/password login fields for users that cannot use OKTA and a seperate botton/link to for OKTA .i.e.
<a fref=’/okta">

In web.xml I defined the following to call up the OKTA login.

OidcFilter
/okta*
FORWARD
REQUEST

However I want to protect the whole site where it returns.
i.e. /*

But I do not know how to do it.

Here is my web.xml

corsFilter /*
</filter-mapping>
<filter>
    <filter-name>callbackFilter</filter-name>
    <filter-class>org.pac4j.j2e.filter.CallbackFilter</filter-class>
    <init-param>
        <param-name>defaultUrl</param-name>
        <param-value>/</param-value>
    </init-param>
    <init-param>
        <param-name>renewSession</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>multiProfile</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>callbackFilter</filter-name>
    <url-pattern>/callback</url-pattern>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

<filter>
    <filter-name>OidcFilter</filter-name>
    <filter-class>org.pac4j.j2e.filter.SecurityFilter</filter-class>
    <init-param>
        <param-name>configFactory</param-name>
        <param-value>com.okta.developer.SecurityConfigFactory</param-value>
    </init-param>
    <init-param>
        <param-name>clients</param-name>
        <param-value>oidcClient,headerClient</param-value>
    </init-param>
    <init-param>
        <param-name>authorizers</param-name>
        <param-value>securityHeaders</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>OidcFilter</filter-name>
    <url-pattern>/okta*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

Might be helpful if you ask it also in other forums dedicated to servlet technology (or SO). As it looks like not Okta specific requirement