Package org.tynamo.security.shiro.authc
Class AuthenticatingFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.tynamo.security.shiro.AccessControlFilter
org.tynamo.security.shiro.authc.AuthenticationFilter
org.tynamo.security.shiro.authc.AuthenticatingFilter
- All Implemented Interfaces:
jakarta.servlet.Filter,org.apache.shiro.lang.util.Nameable
- Direct Known Subclasses:
AnonymousFilter,BasicHttpAuthenticationFilter,CasFilter,FormAuthenticationFilter
An
AuthenticationFilter that is capable of automatically performing an authentication attempt
based on the incoming request.- Since:
- 0.4.0
-
Field Summary
Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, TAPESTRY_VERSION, UNAUTHORIZED_URLFields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIXFields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract org.apache.shiro.authc.AuthenticationTokencreateToken(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) protected org.apache.shiro.authc.AuthenticationTokencreateToken(String username, String password, boolean rememberMe, String host) protected org.apache.shiro.authc.AuthenticationTokencreateToken(String username, String password, jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) protected booleanexecuteLogin(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) protected StringgetHost(jakarta.servlet.ServletRequest request) Returns the host name or IP associated with the current subject.protected booleanisRememberMe(jakarta.servlet.ServletRequest request) Returnstrueif "rememberMe" should be enabled for the login attempt associated with the currentrequest,falseotherwise.protected booleanonLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException e, jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) protected booleanonLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) Methods inherited from class org.tynamo.security.shiro.authc.AuthenticationFilter
isAccessAllowed, issueSuccessRedirectMethods inherited from class org.tynamo.security.shiro.AccessControlFilter
addConfig, getLoginContextService, getLoginUrl, getSubject, getSuccessUrl, getUnauthorizedUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl, setUnauthorizedUrlMethods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandleMethods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, isFilterOncePerRequest, setEnabled, setFilterOncePerRequest, shouldNotFilterMethods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilderMethods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfigMethods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
-
Constructor Details
-
AuthenticatingFilter
-
-
Method Details
-
executeLogin
protected boolean executeLogin(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) throws Exception - Throws:
Exception
-
createToken
protected abstract org.apache.shiro.authc.AuthenticationToken createToken(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) throws Exception - Throws:
Exception
-
createToken
-
createToken
-
onLoginSuccess
protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) throws Exception - Throws:
Exception
-
onLoginFailure
protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException e, jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) -
getHost
Returns the host name or IP associated with the current subject. This method is primarily provided for use during construction of anAuthenticationToken. The default implementation merely returnsServletRequest.getRemoteHost().- Parameters:
request- the incoming ServletRequest- Returns:
- the
InetAddressto associate with the login attempt.
-
isRememberMe
protected boolean isRememberMe(jakarta.servlet.ServletRequest request) Returnstrueif "rememberMe" should be enabled for the login attempt associated with the currentrequest,falseotherwise. This implementation always returnsfalseand is provided as a template hook to subclasses that supportrememberMelogins and wish to determinerememberMein a custom mannner based on the currentrequest.- Parameters:
request- the incoming ServletRequest- Returns:
trueif "rememberMe" should be enabled for the login attempt associated with the currentrequest,falseotherwise.
-