Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.tynamo.security.shiro.authc
Class AuthenticatingFilter

java.lang.Object
  extended by org.apache.shiro.web.servlet.ServletContextSupport
      extended by org.apache.shiro.web.servlet.AbstractFilter
          extended by org.apache.shiro.web.servlet.NameableFilter
              extended by org.apache.shiro.web.servlet.OncePerRequestFilter
                  extended by org.apache.shiro.web.servlet.AdviceFilter
                      extended by org.tynamo.security.shiro.AccessControlFilter
                          extended by org.tynamo.security.shiro.authc.AuthenticationFilter
                              extended by org.tynamo.security.shiro.authc.AuthenticatingFilter
All Implemented Interfaces:
javax.servlet.Filter, org.apache.shiro.util.Nameable
Direct Known Subclasses:
AnonymousFilter, BasicHttpAuthenticationFilter, FormAuthenticationFilter
public abstract class AuthenticatingFilter
extends AuthenticationFilter

An AuthenticationFilter that is capable of automatically performing an authentication attempt based on the incoming request.

Since:
0.4.0

Field Summary
 
Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, UNAUTHORIZED_URL
 
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
 
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
 
Constructor Summary
AuthenticatingFilter(PageService pageService)
           
 
Method Summary
protected abstract  org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
           
protected  org.apache.shiro.authc.AuthenticationToken createToken(java.lang.String username, java.lang.String password, boolean rememberMe, java.lang.String host)
           
protected  org.apache.shiro.authc.AuthenticationToken createToken(java.lang.String username, java.lang.String password, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
           
protected  boolean executeLogin(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
           
protected  java.lang.String getHost(javax.servlet.ServletRequest request)
          Returns the host name or IP associated with the current subject.
protected  boolean isRememberMe(javax.servlet.ServletRequest request)
          Returns true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise.
protected  boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException e, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
           
protected  boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
           
 
Methods inherited from class org.tynamo.security.shiro.authc.AuthenticationFilter
isAccessAllowed, issueSuccessRedirect
 
Methods inherited from class org.tynamo.security.shiro.AccessControlFilter
addConfig, getLoginUrl, getPageService, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrl
 
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
 
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
 
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
 
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
 
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthenticatingFilter

public AuthenticatingFilter(PageService pageService)
Method Detail

executeLogin

protected boolean executeLogin(javax.servlet.ServletRequest request,
                               javax.servlet.ServletResponse response)
                        throws java.lang.Exception
Throws:
java.lang.Exception

createToken

protected abstract org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
                                                                          javax.servlet.ServletResponse response)
                                                                   throws java.lang.Exception
Throws:
java.lang.Exception

createToken

protected org.apache.shiro.authc.AuthenticationToken createToken(java.lang.String username,
                                                                 java.lang.String password,
                                                                 javax.servlet.ServletRequest request,
                                                                 javax.servlet.ServletResponse response)

createToken

protected org.apache.shiro.authc.AuthenticationToken createToken(java.lang.String username,
                                                                 java.lang.String password,
                                                                 boolean rememberMe,
                                                                 java.lang.String host)

onLoginSuccess

protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.subject.Subject subject,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
                          throws java.lang.Exception
Throws:
java.lang.Exception

onLoginFailure

protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.authc.AuthenticationException e,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)

getHost

protected java.lang.String getHost(javax.servlet.ServletRequest request)
Returns the host name or IP associated with the current subject. This method is primarily provided for use during construction of an AuthenticationToken.

The default implementation merely returns ServletRequest.getRemoteHost().

Parameters:
request - the incoming ServletRequest
Returns:
the InetAddress to associate with the login attempt.

isRememberMe

protected boolean isRememberMe(javax.servlet.ServletRequest request)
Returns true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise.

This implementation always returns false and is provided as a template hook to subclasses that support rememberMe logins and wish to determine rememberMe in a custom mannner based on the current request.

Parameters:
request - the incoming ServletRequest
Returns:
true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012. All Rights Reserved.