org.camunda.bpm.engine.rest.security.auth
Class ProcessEngineAuthenticationFilter
java.lang.Object
org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter
- All Implemented Interfaces:
- javax.servlet.Filter
public class ProcessEngineAuthenticationFilter
- extends Object
- implements javax.servlet.Filter
Servlet filter to plug in authentication.
Valid init-params:
| Parameter | Required | Expected value |
|---|
| "authentication-provider" | yes | An implementation of AuthenticationProvider |
| "rest-url-pattern-prefix" |
no |
The expected servlet path. Should only be set, if the underlying JAX-RS application is not deployed as a servlet (e.g. Resteasy allows deployments
as a servlet filter). Value has to match what would be the HttpServletRequest.getServletPath() if it was deployed as a servlet. |
- Author:
- Thorben Lindhauer
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
WHITE_LISTED_URL_PATTERNS
protected static final Pattern[] WHITE_LISTED_URL_PATTERNS
ENGINE_REQUEST_URL_PATTERN
protected static final Pattern ENGINE_REQUEST_URL_PATTERN
DEFAULT_ENGINE_NAME
protected static final String DEFAULT_ENGINE_NAME
- See Also:
- Constant Field Values
AUTHENTICATION_PROVIDER_PARAM
public static final String AUTHENTICATION_PROVIDER_PARAM
- See Also:
- Constant Field Values
SERVLET_PATH_PREFIX
public static final String SERVLET_PATH_PREFIX
- See Also:
- Constant Field Values
authenticationProvider
protected AuthenticationProvider authenticationProvider
servletPathPrefix
protected String servletPathPrefix
ProcessEngineAuthenticationFilter
public ProcessEngineAuthenticationFilter()
init
public void init(javax.servlet.FilterConfig filterConfig)
throws javax.servlet.ServletException
- Specified by:
init in interface javax.servlet.Filter
- Throws:
javax.servlet.ServletException
doFilter
public void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
- Specified by:
doFilter in interface javax.servlet.Filter
- Throws:
IOException
javax.servlet.ServletException
destroy
public void destroy()
- Specified by:
destroy in interface javax.servlet.Filter
setAuthenticatedUser
protected void setAuthenticatedUser(ProcessEngine engine,
String userId)
getGroupsOfUser
protected List<String> getGroupsOfUser(ProcessEngine engine,
String userId)
getTenantsOfUser
protected List<String> getTenantsOfUser(ProcessEngine engine,
String userId)
clearAuthentication
protected void clearAuthentication(ProcessEngine engine)
requiresEngineAuthentication
protected boolean requiresEngineAuthentication(String requestUrl)
extractEngineName
protected String extractEngineName(String requestUrl)
- May not return null
getAddressedEngine
protected ProcessEngine getAddressedEngine(String engineName)
Copyright © 2016 camunda services GmbH. All rights reserved.