org.tynamo.security.shiro.authc
Class AuthenticatingFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.tynamo.security.shiro.AccessControlFilter
org.tynamo.security.shiro.authc.AuthenticationFilter
org.tynamo.security.shiro.authc.AuthenticatingFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.apache.shiro.util.Nameable
- Direct Known Subclasses:
- AnonymousFilter, BasicHttpAuthenticationFilter, CasFilter, FormAuthenticationFilter
public abstract class AuthenticatingFilter
- extends AuthenticationFilter
An AuthenticationFilter that is capable of automatically performing an authentication attempt
based on the incoming request.
- Since:
- 0.4.0
| Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
ALREADY_FILTERED_SUFFIX |
| Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter |
filterConfig |
|
Method Summary |
protected abstract org.apache.shiro.authc.AuthenticationToken |
createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
|
protected org.apache.shiro.authc.AuthenticationToken |
createToken(String username,
String password,
boolean rememberMe,
String host)
|
protected org.apache.shiro.authc.AuthenticationToken |
createToken(String username,
String password,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
|
protected boolean |
executeLogin(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
|
protected String |
getHost(javax.servlet.ServletRequest request)
Returns the host name or IP associated with the current subject. |
protected boolean |
isRememberMe(javax.servlet.ServletRequest request)
Returns true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise. |
protected boolean |
onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException e,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
|
protected boolean |
onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
|
| Methods inherited from class org.tynamo.security.shiro.AccessControlFilter |
addConfig, getLoginContextService, getLoginUrl, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrl |
| Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter |
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle |
| Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter |
| Methods inherited from class org.apache.shiro.web.servlet.NameableFilter |
getName, setName, toStringBuilder |
| Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter |
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig |
| Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport |
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString |
AuthenticatingFilter
public AuthenticatingFilter(LoginContextService loginContextService)
executeLogin
protected boolean executeLogin(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- Throws:
Exception
createToken
protected abstract org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- Throws:
Exception
createToken
protected org.apache.shiro.authc.AuthenticationToken createToken(String username,
String password,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
createToken
protected org.apache.shiro.authc.AuthenticationToken createToken(String username,
String password,
boolean rememberMe,
String host)
onLoginSuccess
protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- Throws:
Exception
onLoginFailure
protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException e,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
getHost
protected String getHost(javax.servlet.ServletRequest request)
- Returns the host name or IP associated with the current subject. This method is primarily provided for use
during construction of an
AuthenticationToken.
The default implementation merely returns ServletRequest.getRemoteHost().
- Parameters:
request - the incoming ServletRequest
- Returns:
- the
InetAddress to associate with the login attempt.
isRememberMe
protected boolean isRememberMe(javax.servlet.ServletRequest request)
- Returns
true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise.
This implementation always returns false and is provided as a template hook to subclasses that
support rememberMe logins and wish to determine rememberMe in a custom mannner
based on the current request.
- Parameters:
request - the incoming ServletRequest
- Returns:
true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise.
Copyright © 2004-2013. All Rights Reserved.