AuthenticationFilter (Tapestry Security 0.4.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.tynamo.security.shiro.authc
Class AuthenticationFilter

java.lang.Object
  org.apache.shiro.web.servlet.ServletContextSupport
      org.apache.shiro.web.servlet.AbstractFilter
          org.apache.shiro.web.servlet.NameableFilter
              org.apache.shiro.web.servlet.OncePerRequestFilter
                  org.apache.shiro.web.servlet.AdviceFilter
                      org.tynamo.security.shiro.AccessControlFilter
                          org.tynamo.security.shiro.authc.AuthenticationFilter

All Implemented Interfaces:: javax.servlet.Filter, org.apache.shiro.util.Nameable

Direct Known Subclasses:: AuthenticatingFilter

public abstract class AuthenticationFilter
extends AccessControlFilter
extends AccessControlFilter

Base class for all Filters that require the current user to be authenticated. This class encapsulates the logic of checking whether a user is already authenticated in the system while subclasses are required to perform specific logic for unauthenticated requests.

Since:: 0.9

Field Summary

Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
`GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, UNAUTHORIZED_URL`

Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`ALREADY_FILTERED_SUFFIX`

Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
`filterConfig`

Constructor Summary
`AuthenticationFilter(PageService pageService)`

Method Summary
`protected boolean`	`isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, java.lang.Object mappedValue)` Determines whether the current subject is authenticated.
`protected void`	`issueSuccessRedirect(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)` Redirects to user to the previously attempted URL after a successful login.

Methods inherited from class org.tynamo.security.shiro.AccessControlFilter
`addConfig, getLoginUrl, getPageService, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrl`

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
`afterCompletion, cleanup, doFilterInternal, executeChain, postHandle`

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter`

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
`getName, setName, toStringBuilder`

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
`destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig`

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
`getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Constructor Detail

AuthenticationFilter

public AuthenticationFilter(PageService pageService)

Method Detail

isAccessAllowed

protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  java.lang.Object mappedValue)

Determines whether the current subject is authenticated.

The default implementation acquires the currently executing Subject and then returns subject.isAuthenticated();

Specified by:: isAccessAllowed in class AccessControlFilter

Parameters:: request - the incoming ServletRequest; response - the outgoing ServletResponse; mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:: true if the subject is authenticated; false if the subject is unauthenticated

issueSuccessRedirect

protected void issueSuccessRedirect(javax.servlet.ServletRequest request,
                                    javax.servlet.ServletResponse response)
                             throws java.lang.Exception

Redirects to user to the previously attempted URL after a successful login. This implementation simply calls WebUtils.redirectToSavedRequest using the successUrl as the fallbackUrl argument to that call.

Parameters:: request - the incoming request; response - the outgoing response
Throws:: java.lang.Exception - if there is a problem redirecting.