Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.tynamo.security.shiro.authc
Class CasFilter

java.lang.Object
  extended by org.apache.shiro.web.servlet.ServletContextSupport
      extended by org.apache.shiro.web.servlet.AbstractFilter
          extended by org.apache.shiro.web.servlet.NameableFilter
              extended by org.apache.shiro.web.servlet.OncePerRequestFilter
                  extended by org.apache.shiro.web.servlet.AdviceFilter
                      extended by org.tynamo.security.shiro.AccessControlFilter
                          extended by org.tynamo.security.shiro.authc.AuthenticationFilter
                              extended by org.tynamo.security.shiro.authc.AuthenticatingFilter
                                  extended by org.tynamo.security.shiro.authc.CasFilter
All Implemented Interfaces:
javax.servlet.Filter, org.apache.shiro.util.Nameable
public class CasFilter
extends AuthenticatingFilter

This filter validates the CAS service ticket to authenticate the user. It must be configured on the URL recognized by the CAS server. For example, in shiro.ini: 

 [main]
 casFilter = org.apache.shiro.cas.CasFilter
 ...

 [urls]
 /shiro-cas = casFilter
 ...
(example : http://host:port/mycontextpath/shiro-cas)

Since:
1.2

Field Summary
 
Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, UNAUTHORIZED_URL
 
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
 
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
 
Constructor Summary
CasFilter(LoginContextService loginContextService)
           
 
Method Summary
protected  org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
          The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).
protected  boolean isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, java.lang.Object mappedValue)
          Returns false to always force authentication (user is never considered authenticated by this filter).
protected  boolean onAccessDenied(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
          Execute login by creating token and logging subject with this token.
protected  boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException ae, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
          If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.
protected  boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
          If login has been successful, redirect user to the original protected url.
 void setFailureUrl(java.lang.String failureUrl)
           
 
Methods inherited from class org.tynamo.security.shiro.authc.AuthenticatingFilter
createToken, createToken, executeLogin, getHost, isRememberMe
 
Methods inherited from class org.tynamo.security.shiro.authc.AuthenticationFilter
issueSuccessRedirect
 
Methods inherited from class org.tynamo.security.shiro.AccessControlFilter
addConfig, getLoginContextService, getLoginUrl, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrl
 
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
 
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
 
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
 
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
 
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

CasFilter

public CasFilter(LoginContextService loginContextService)
Method Detail

createToken

protected org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
                                                                 javax.servlet.ServletResponse response)
                                                          throws java.lang.Exception
The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).

Specified by:
createToken in class AuthenticatingFilter
Parameters:
request - the incoming request
response - the outgoing response
Throws:
java.lang.Exception - if there is an error processing the request.

onAccessDenied

protected boolean onAccessDenied(javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
                          throws java.lang.Exception
Execute login by creating token and logging subject with this token.

Specified by:
onAccessDenied in class AccessControlFilter
Parameters:
request - the incoming request
response - the outgoing response
Returns:
true if the request should continue to be processed; false if the subclass will handle/render the response directly.
Throws:
java.lang.Exception - if there is an error processing the request.

isAccessAllowed

protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  java.lang.Object mappedValue)
Returns false to always force authentication (user is never considered authenticated by this filter).

Overrides:
isAccessAllowed in class AuthenticationFilter
Parameters:
request - the incoming request
response - the outgoing response
mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:
false

onLoginSuccess

protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.subject.Subject subject,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
                          throws java.lang.Exception
If login has been successful, redirect user to the original protected url.

Overrides:
onLoginSuccess in class AuthenticatingFilter
Parameters:
token - the token representing the current authentication
subject - the current authenticated subjet
request - the incoming request
response - the outgoing response
Throws:
java.lang.Exception - if there is an error processing the request.

onLoginFailure

protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.authc.AuthenticationException ae,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.

Overrides:
onLoginFailure in class AuthenticatingFilter
Parameters:
token - the token representing the current authentication
ae - the current authentication exception
request - the incoming request
response - the outgoing response

setFailureUrl

public void setFailureUrl(java.lang.String failureUrl)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012. All Rights Reserved.