nl.surfnet.coin.shindig.shiro
Class CoinAuthenticationFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.apache.shiro.web.filter.PathMatchingFilter
org.apache.shiro.web.filter.AccessControlFilter
org.apache.shiro.web.filter.authc.AuthenticationFilter
org.apache.shiro.web.filter.authc.AuthenticatingFilter
nl.surfnet.coin.shindig.shiro.CoinAuthenticationFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor
public class CoinAuthenticationFilter
- extends org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Author:
- steinwelberg
| Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter |
DEFAULT_SUCCESS_URL |
| Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter |
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD |
| Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter |
appliedPaths, pathMatcher |
| Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
ALREADY_FILTERED_SUFFIX |
| Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter |
filterConfig |
|
Method Summary |
protected org.apache.shiro.authc.AuthenticationToken |
createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
This method creates the authentication token with the user name & password. |
String |
getFailureKeyAttribute()
|
protected String |
getRemoteUser(javax.servlet.ServletRequest request)
Hook for subclasses to override the shibboleth default behaviour |
protected boolean |
isLoginSubmission(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
This default implementation merely returns true if the request
is an HTTP POST, false otherwise. |
protected boolean |
onAccessDenied(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
The method that is called when an access request is denied because for
instance a user is not logged in. |
protected boolean |
onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException e,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
The function that is triggerd on login Failure |
protected boolean |
onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
The method that is called on login success, so that the issuer can go to
the original page |
protected void |
setFailureAttribute(javax.servlet.ServletRequest request,
org.apache.shiro.authc.AuthenticationException ae)
Set the reason for the authentication failure |
void |
setFailureKeyAttribute(String failureKeyAttribute)
|
void |
setLoginUrl(String loginUrl)
|
| Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter |
createToken, createToken, executeLogin, getHost, isRememberMe |
| Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter |
getSuccessUrl, isAccessAllowed, issueSuccessRedirect, setSuccessUrl |
| Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter |
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin |
| Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter |
getPathWithinApplication, pathsMatch, pathsMatch, preHandle, processPathConfig |
| Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter |
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle |
| Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter |
doFilter, getAlreadyFilteredAttributeName, shouldNotFilter |
| Methods inherited from class org.apache.shiro.web.servlet.NameableFilter |
getName, setName, toStringBuilder |
| Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter |
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig |
| Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport |
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString |
DEFAULT_ERROR_KEY_ATTRIBUTE_NAME
public static final String DEFAULT_ERROR_KEY_ATTRIBUTE_NAME
- See Also:
- Constant Field Values
CoinAuthenticationFilter
public CoinAuthenticationFilter()
setLoginUrl
public void setLoginUrl(String loginUrl)
- Overrides:
setLoginUrl in class org.apache.shiro.web.filter.AccessControlFilter
getFailureKeyAttribute
public String getFailureKeyAttribute()
setFailureKeyAttribute
public void setFailureKeyAttribute(String failureKeyAttribute)
createToken
protected org.apache.shiro.authc.AuthenticationToken createToken(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- This method creates the authentication token with the user name & password.
- Specified by:
createToken in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
request - the HttpServletRequestresponse - the HttpServletResponse
- Throws:
Exception
onAccessDenied
protected boolean onAccessDenied(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- The method that is called when an access request is denied because for
instance a user is not logged in. This method tries to determine whether
the login form is submitted and then calls the
executeLogin
method.
- Specified by:
onAccessDenied in class org.apache.shiro.web.filter.AccessControlFilter
- Parameters:
request - the ServletRequestresponse - the ServletResponse
- Throws:
Exception
onLoginSuccess
protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.subject.Subject subject,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
throws Exception
- The method that is called on login success, so that the issuer can go to
the original page
- Overrides:
onLoginSuccess in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
token - the AuthenticationToken for this successful login attemptsubject - the Subject (logged in user)request - the ServletRequestresponse - the ServletResponse
- Throws:
Exception
onLoginFailure
protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
org.apache.shiro.authc.AuthenticationException e,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
- The function that is triggerd on login Failure
- Overrides:
onLoginFailure in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- Parameters:
token - the AuthenticationTokene - the AuthenticationException that was thrownrequest - the ServletRequest for this request.response - the ServletResponse for this request.
isLoginSubmission
protected boolean isLoginSubmission(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
- This default implementation merely returns
true if the request
is an HTTP POST, false otherwise. Can be
overridden by subclasses for custom login submission detection behavior.
- Parameters:
request - the incoming ServletRequestresponse - the outgoing ServletResponse.
- Returns:
true if the request is an HTTP POST,
false otherwise.
setFailureAttribute
protected void setFailureAttribute(javax.servlet.ServletRequest request,
org.apache.shiro.authc.AuthenticationException ae)
- Set the reason for the authentication failure
- Parameters:
request - the HttpServletRequest for the request that was issued.ae - the AuthenticationException that was thrown.
getRemoteUser
protected String getRemoteUser(javax.servlet.ServletRequest request)
- Hook for subclasses to override the shibboleth default behaviour
- Parameters:
request - the httpRequest
- Returns:
- the String of the logged in user
Copyright © 2007-2012. All Rights Reserved.