public class ProcessEngineAuthenticationFilter extends Object implements javax.servlet.Filter
Servlet filter to plug in authentication.
Valid init-params:
| Parameter | Required | Expected value |
|---|---|---|
| "authentication-provider" | yes | An implementation of AuthenticationProvider |
| "rest-url-pattern-prefix" | no | The expected servlet path. Should only be set, if the underlying JAX-RS application is not deployed as a servlet (e.g. Resteasy allows deployments
as a servlet filter). Value has to match what would be the HttpServletRequest.getServletPath() if it was deployed as a servlet. |
| Modifier and Type | Field and Description |
|---|---|
static String |
AUTHENTICATION_PROVIDER_PARAM |
protected AuthenticationProvider |
authenticationProvider |
protected static String |
DEFAULT_ENGINE_NAME |
protected static Pattern |
ENGINE_REQUEST_URL_PATTERN |
static String |
SERVLET_PATH_PREFIX |
protected String |
servletPathPrefix |
protected static Pattern[] |
WHITE_LISTED_URL_PATTERNS |
| Constructor and Description |
|---|
ProcessEngineAuthenticationFilter() |
| Modifier and Type | Method and Description |
|---|---|
protected void |
clearAuthentication(ProcessEngine engine) |
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
protected String |
extractEngineName(String requestUrl)
May not return null
|
protected ProcessEngine |
getAddressedEngine(String engineName) |
protected List<String> |
getGroupsOfUser(ProcessEngine engine,
String userId) |
protected List<String> |
getTenantsOfUser(ProcessEngine engine,
String userId) |
void |
init(javax.servlet.FilterConfig filterConfig) |
protected boolean |
requiresEngineAuthentication(String requestUrl) |
protected void |
setAuthenticatedUser(ProcessEngine engine,
String userId,
List<String> groupIds,
List<String> tenantIds) |
protected static final Pattern[] WHITE_LISTED_URL_PATTERNS
protected static final Pattern ENGINE_REQUEST_URL_PATTERN
protected static final String DEFAULT_ENGINE_NAME
public static final String AUTHENTICATION_PROVIDER_PARAM
public static final String SERVLET_PATH_PREFIX
protected AuthenticationProvider authenticationProvider
protected String servletPathPrefix
public void init(javax.servlet.FilterConfig filterConfig)
throws javax.servlet.ServletException
init in interface javax.servlet.Filterjavax.servlet.ServletExceptionpublic void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
doFilter in interface javax.servlet.FilterIOExceptionjavax.servlet.ServletExceptionpublic void destroy()
destroy in interface javax.servlet.Filterprotected void setAuthenticatedUser(ProcessEngine engine, String userId, List<String> groupIds, List<String> tenantIds)
protected List<String> getGroupsOfUser(ProcessEngine engine, String userId)
protected List<String> getTenantsOfUser(ProcessEngine engine, String userId)
protected void clearAuthentication(ProcessEngine engine)
protected boolean requiresEngineAuthentication(String requestUrl)
protected ProcessEngine getAddressedEngine(String engineName)
Copyright © 2013–2021 camunda services GmbH. All rights reserved.