Package org.camunda.bpm.engine.rest.security.auth

Class ProcessEngineAuthenticationFilter

  • All Implemented Interfaces:
    javax.servlet.Filter
    public class ProcessEngineAuthenticationFilter
extends Object
implements javax.servlet.Filter

    Servlet filter to plug in authentication.

    Valid init-params:

    ParameterRequiredExpected value
    "authentication-provider"yesAn implementation of AuthenticationProvider
    "rest-url-pattern-prefix" no The expected servlet path. Should only be set, if the underlying JAX-RS application is not deployed as a servlet (e.g. Resteasy allows deployments as a servlet filter). Value has to match what would be the HttpServletRequest.getServletPath() if it was deployed as a servlet.
    Author:
    Thorben Lindhauer

    • Constructor Detail

      • ProcessEngineAuthenticationFilter

        public ProcessEngineAuthenticationFilter()

    • Method Detail

      • init

        public void init​(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Filter
        Throws:
        javax.servlet.ServletException

      • doFilter

        public void doFilter​(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
        Specified by:
        doFilter in interface javax.servlet.Filter
        Throws:
        IOException
        javax.servlet.ServletException

      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Filter

      • setAuthenticatedUser

        protected void setAuthenticatedUser​(org.camunda.bpm.engine.ProcessEngine engine,
                                    String userId,
                                    List<String> groupIds,
                                    List<String> tenantIds)

      • getGroupsOfUser

        protected List<String> getGroupsOfUser​(org.camunda.bpm.engine.ProcessEngine engine,
                                       String userId)

      • getTenantsOfUser

        protected List<String> getTenantsOfUser​(org.camunda.bpm.engine.ProcessEngine engine,
                                        String userId)

      • clearAuthentication

        protected void clearAuthentication​(org.camunda.bpm.engine.ProcessEngine engine)

      • requiresEngineAuthentication

        protected boolean requiresEngineAuthentication​(String requestUrl)

      • extractEngineName

        protected String extractEngineName​(String requestUrl)
        May not return null

      • getAddressedEngine

        protected org.camunda.bpm.engine.ProcessEngine getAddressedEngine​(String engineName)