AuthenticationFilter (Tapestry Security 0.6.4 API)

java.lang.Object
- org.apache.shiro.web.servlet.ServletContextSupport
- - org.apache.shiro.web.servlet.AbstractFilter
  - - org.apache.shiro.web.servlet.NameableFilter
    - - org.apache.shiro.web.servlet.OncePerRequestFilter
      - org.apache.shiro.web.servlet.AdviceFilter
        
        org.tynamo.security.shiro.AccessControlFilter
        
        org.tynamo.security.shiro.authc.AuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.apache.shiro.util.Nameable

Direct Known Subclasses:

AuthenticatingFilter
```
public abstract class AuthenticationFilter
extends AccessControlFilter
```
Base class for all Filters that require the current user to be authenticated. This class encapsulates the logic of checking whether a user is already authenticated in the system while subclasses are required to perform specific logic for unauthenticated requests.

Since:

0.9

Field Summary
- Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
  GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, TAPESTRY_VERSION, UNAUTHORIZED_URL
- Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
  ALREADY_FILTERED_SUFFIX
- Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
  filterConfig

Constructor Summary

Constructors
Constructor and Description

AuthenticationFilter(LoginContextService loginContextService)

Constructors
Constructor and Description
`AuthenticationFilter(LoginContextService loginContextService)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected boolean`	`isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)` Determines whether the current subject is authenticated.
`protected void`	`issueSuccessRedirect(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)` Redirects to user to the previously attempted URL after a successful login.

Methods inherited from class org.tynamo.security.shiro.AccessControlFilter
addConfig, getLoginContextService, getLoginUrl, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrl

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - AuthenticationFilter
```
public AuthenticationFilter(LoginContextService loginContextService)
```
- Method Detail
  - isAccessAllowed
```
protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  Object mappedValue)
```
    Determines whether the current subject is authenticated.
    The default implementation acquires the currently executing Subject and then returns subject.isAuthenticated();
    
    Specified by:
    
    isAccessAllowed in class AccessControlFilter
    
    Parameters:
    
    request - the incoming ServletRequest
    
    response - the outgoing ServletResponse
    
    mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
    
    Returns:
    
    true if the subject is authenticated; false if the subject is unauthenticated
  - issueSuccessRedirect
```
protected void issueSuccessRedirect(javax.servlet.ServletRequest request,
                                    javax.servlet.ServletResponse response)
                             throws Exception
```
    Redirects to user to the previously attempted URL after a successful login. This implementation simply calls WebUtils.redirectToSavedRequest using the successUrl as the fallbackUrl argument to that call.
    
    Parameters:
    
    request - the incoming request
    
    response - the outgoing response
    
    Throws:
    
    Exception - if there is a problem redirecting.

Class AuthenticationFilter

Field Summary

Fields inherited from class org.tynamo.security.shiro.AccessControlFilter

Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter

Constructor Summary

Method Summary

Methods inherited from class org.tynamo.security.shiro.AccessControlFilter

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport

Methods inherited from class java.lang.Object

Constructor Detail

AuthenticationFilter

Method Detail

isAccessAllowed

issueSuccessRedirect