org.tynamo.security.shiro.authz
Class SslFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.tynamo.security.shiro.AccessControlFilter
org.tynamo.security.shiro.authz.AuthorizationFilter
org.tynamo.security.shiro.authz.PortFilter
org.tynamo.security.shiro.authz.SslFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.apache.shiro.util.Nameable
public class SslFilter
- extends PortFilter
A copy of Shiro's 1.2.0 SslFilter that works with tapestry-security 0.4.x
Filter which requires a request to be over SSL. Access is allowed if the request is received on the configured
server port and the
request.isSecure(). If either condition is false,
the filter chain will not continue.
The port property defaults to 443 and also additionally guarantees that the
request scheme is always 'https' (except for port 80, which retains the 'http' scheme).
- Since:
- 0.4.1
| Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
ALREADY_FILTERED_SUFFIX |
| Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter |
filterConfig |
|
Method Summary |
protected String |
getScheme(String requestScheme,
int port)
|
protected boolean |
isAccessAllowed(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Object mappedValue)
Retains the parent method's port-matching behavior but additionally guarantees that the
ServletRequest.isSecure(). |
| Methods inherited from class org.tynamo.security.shiro.AccessControlFilter |
addConfig, getLoginContextService, getLoginUrl, getSubject, getSuccessUrl, isLoginRequest, isRedirectToSavedUrl, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl |
| Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter |
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle |
| Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter |
| Methods inherited from class org.apache.shiro.web.servlet.NameableFilter |
getName, setName, toStringBuilder |
| Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter |
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig |
| Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport |
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString |
DEFAULT_HTTPS_PORT
public static final int DEFAULT_HTTPS_PORT
- See Also:
- Constant Field Values
HTTPS_SCHEME
public static final String HTTPS_SCHEME
- See Also:
- Constant Field Values
SslFilter
public SslFilter(LoginContextService loginContextService)
getScheme
protected String getScheme(String requestScheme,
int port)
- Overrides:
getScheme in class PortFilter
isAccessAllowed
protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Object mappedValue)
throws Exception
- Retains the parent method's port-matching behavior but additionally guarantees that the
ServletRequest.isSecure(). If the port does not match or
the request is not secure, access is denied.
- Overrides:
isAccessAllowed in class PortFilter
- Parameters:
request - the incoming ServletRequestresponse - the outgoing ServletResponse - ignored in this implementationmappedValue - the filter-specific config value mapped to this filter in the URL rules mappings - ignored by this implementation.
- Returns:
true if the request is received on an expected SSL port and the
request.isSecure(), false otherwise.
- Throws:
Exception - if the call to super.isAccessAllowed throws an exception.- Since:
- 0.4.1
Copyright © 2004-2013. All Rights Reserved.