java.lang.Object
  org.norther.tammi.core.base.Adaptee
    org.norther.tammi.spray.filter.DefaultFilter
      org.norther.tammi.spray.authenticator.AbstractAuthenticatorFilter
public abstract class AbstractAuthenticatorFilter
An abstract implementation of AuthenticatorFilter providing the base functionality for subclasses implementing specific authentication schemes.
This implementation requires that the principal has READ permission to the path info of the request in addition to authentication to allow filtering of the request to continue. Note that undefined permissions imply full access to everyone.
Based on AuthenticatorBase in the Apache Jakarta Tomcat project.
Field Summary | |
---|---|
static String |
DEFAULT_USER_ACCOUNT_ID_ATTIBUTE
The default account id attribute. |
Fields inherited from class org.norther.tammi.core.base.Adaptee |
---|
ADAPTEE_NOTIF_DESCRIPTION, ADAPTEE_NOTIFICATIONS |
Constructor Summary | |
---|---|
AbstractAuthenticatorFilter()
Constructs a new filter. |
Method Summary | |
---|---|
abstract Principal |
authenticate(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Authenticates a request within the realm of this filter. |
Principal |
authenticate(Principal principal,
HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Authenticates a principal within the realm of this filter. |
Principal |
authenticate(String user,
String pswd,
HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Authenticates a user within the realm of this filter. |
protected void |
decrementLoginAttempts(HttpServletRequest request)
Decrements login attempts of the specified request by one. |
void |
doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
|
String |
getAuthDomain()
Gets the authentication domain. |
protected StringBuilder |
getAuthenticationURL(String host,
boolean secure,
String service,
String pipe,
String flow,
String page,
HttpServletRequest request,
HttpServletResponse response,
HttpFilterChain chain)
Gets the authentication URL. |
abstract String |
getAuthType()
Gets the authentication scheme. |
protected String |
getCredentials(HttpServletRequest request)
Gets the credentials from the HTTP authorization header. |
String |
getFaultyUser(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Gets the faulty user of the specified request. |
int |
getLoginAttempts()
Gets the number of allowed login attempts. |
int |
getLoginAttempts(HttpServletRequest request)
Gets the number of performed login attempts for the specified request. |
String |
getLogoutFlow()
Gets the logout flow. |
String |
getLogoutHost()
Gets the logout host. |
String |
getLogoutPipe()
Gets the logout pipe. |
String |
getLogoutService()
Gets the logout service. |
String |
getLogoutTemplate()
Gets the logout template. |
String |
getLogoutURI()
Gets the logout URI. |
StringBuilder |
getLogoutURL(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Gets the logout URL, with the scheme, host and port if required, for the specified request. |
String |
getPublicRealmName()
Gets the public name of the realm. |
protected Realm |
getRealm()
Gets the referent of the realm MBean associated to this authenticator. |
String |
getRealmDomain()
Gets the realm domain. |
ObjectName |
getRealmName()
Gets the user authentication realm. |
String |
getUnauthorizedTemplate()
Gets the unauthorized template. |
StringBuilder |
getUserURL(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Gets the user URL for the specified request. |
protected void |
incrementLoginAttempts(HttpServletRequest request)
Increments login attempts of the specified request by one. |
boolean |
isAnonymousPrincipalAccepted()
Checks whether anonymous principals optionally provided by attached realms are accepted. |
boolean |
isAuthenticationRequired()
Checks whether authentication is required for unidentified requests. |
boolean |
isAutoLoginEnabled(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Checks whether automatic login is enabled for the specified request. |
boolean |
isCachedPrincipalDiscarded()
Checks whether principals authenticated and cached by other authentication objects are discarded and re-authenticated. |
boolean |
isUserInRole(Principal principal,
String role)
Checks whether the specified principal is in the specified security role within the context of the realm of this filter. |
void |
postmanaged()
This method is called when the implementing adaptee has been managed either during post-registration of the corresponding adapter MBean or just after it is explicitly added to the adapter MBean during run-time. |
void |
setAnonymousPrincipalAccepted(boolean flag)
Sets whether anonymous principals optionally provided by attached realms are accepted. |
void |
setAuthDomain(String domain)
Sets the authentication domain. |
void |
setAuthenticationRequired(boolean flag)
Sets the authentication required flag. |
void |
setAutoLoginEnabled(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain,
boolean flag)
Sets whether automatic login is enabled for the specified request. |
void |
setCachedPrincipalDiscarded(boolean flag)
Sets whether principals authenticated and cached by other authentication objects are discarded and re-authenticated. |
protected void |
setFaultyUser(HttpServletRequest request,
String username)
Sets the faulty user of the specified request. |
void |
setLoginAttempts(int count)
Sets the number of allowed login attempts. |
void |
setLogoutFlow(String flow)
Sets the logout flow. |
void |
setLogoutHost(String host)
Sets the logout host. |
void |
setLogoutPipe(String pipe)
Sets the logout pipe. |
void |
setLogoutService(String service)
Sets the logout service. |
void |
setLogoutTemplate(String template)
Sets the logout template. |
void |
setLogoutURI(String uri)
Sets the logout URI. |
void |
setPublicRealmName(String name)
Sets the public name of the realm. |
void |
setRealmName(ObjectName realm)
Sets the user authentication realm. |
void |
setUnauthorizedTemplate(String template)
Sets the unauthorized template. |
void |
unauthenticated(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
A handler for unauthenticated requests that should provide an opportunity for the user to re-authenticate himself. |
void |
unmanaged()
This method is called when the implementing adaptee is unmanaged either during pre-deregistration of the corresponding adapter MBean or just before it is explicitly removed from the adapter MBean during run-time. |
protected Principal |
verifyAuthentication(Principal principal,
HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
Verifies whether authentication is required. |
Methods inherited from class org.norther.tammi.spray.filter.DefaultFilter |
---|
destroy, getFilterConfig, getRequestMap, getSessionMap, init |
Methods inherited from class org.norther.tammi.core.base.Adaptee |
---|
addAdaptee, addNotificationListener, getAttributeSupport, getBroker, getCanonicalName, getDomain, getFactory, getLoader, getLog, getLog, getMBean, getMBeanServer, getNotificationInfo, getObjectName, getRegistrationTime, getSequenceNumber, hasListeners, isRegistered, premanaged, removeNotificationListener, removeNotificationListener, sendNotification, sendNotification, sendNotification, sendNotification, unregister |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface javax.servlet.Filter |
---|
destroy, init |
Field Detail |
---|
public static final String DEFAULT_USER_ACCOUNT_ID_ATTIBUTE
Constructor Detail |
---|
public AbstractAuthenticatorFilter()
Method Detail |
---|
public void postmanaged()
Manageable
postmanaged
in interface Manageable
postmanaged
in class Adaptee
public void unmanaged() throws Exception
Manageable
unmanaged
in interface Manageable
unmanaged
in class Adaptee
Exception - if the adaptee refused to be unmanaged.
public ObjectName getRealmName()
AuthenticatorFilter
getRealmName
in interface AuthenticatorFilter
public void setRealmName(ObjectName realm)
AuthenticatorFilter
setRealmName
in interface AuthenticatorFilter
realm - the name of the realm or a query.
public String getPublicRealmName()
AuthenticatorFilter
getPublicRealmName
in interface AuthenticatorFilter
public void setPublicRealmName(String name)
AuthenticatorFilter
setPublicRealmName
in interface AuthenticatorFilter
name - the public name of the realm.
public String getRealmDomain()
AuthenticatorFilter
getRealmDomain
in interface AuthenticatorFilter
public String getAuthDomain()
AuthenticatorFilter
getAuthDomain
in interface AuthenticatorFilter
public void setAuthDomain(String domain)
AuthenticatorFilter
setAuthDomain
in interface AuthenticatorFilter
domain - the authentication domain.
public boolean isAuthenticationRequired()
AuthenticatorFilter
isAuthenticationRequired
in interface AuthenticatorFilter
public void setAuthenticationRequired(boolean flag)
AuthenticatorFilter
setAuthenticationRequired
in interface AuthenticatorFilter
flag - the authentication required flag.
public boolean isCachedPrincipalDiscarded()
AuthenticatorFilter
isCachedPrincipalDiscarded
in interface AuthenticatorFilter
public void setCachedPrincipalDiscarded(boolean flag)
AuthenticatorFilter
setCachedPrincipalDiscarded
in interface AuthenticatorFilter
flag - the cached principals discarded flag.
public boolean isAnonymousPrincipalAccepted()
AuthenticatorFilter
isAnonymousPrincipalAccepted
in interface AuthenticatorFilter
public void setAnonymousPrincipalAccepted(boolean flag)
AuthenticatorFilter
setAnonymousPrincipalAccepted
in interface AuthenticatorFilter
flag - the cached principals discarded flag.
public String getUnauthorizedTemplate()
AuthenticatorFilter
getUnauthorizedTemplate
in interface AuthenticatorFilter
public void setUnauthorizedTemplate(String template)
AuthenticatorFilter
setUnauthorizedTemplate
in interface AuthenticatorFilter
template - the unauthorized template.
public int getLoginAttempts()
AuthenticatorFilter
getLoginAttempts
in interface AuthenticatorFilter
public void setLoginAttempts(int count)
AuthenticatorFilter
setLoginAttempts
in interface AuthenticatorFilter
count - the number of login attempts, -1 = unlimited.
public int getLoginAttempts(HttpServletRequest request)
AuthenticatorFilter
getLoginAttempts
in interface AuthenticatorFilter
request - the request.
public String getLogoutURI()
AuthenticatorFilter
getLogoutURI
in interface AuthenticatorFilter
public void setLogoutURI(String uri)
AuthenticatorFilter
setLogoutURI
in interface AuthenticatorFilter
uri - the logout URI.
public String getLogoutHost()
AuthenticatorFilter
getLogoutHost
in interface AuthenticatorFilter
public void setLogoutHost(String host)
AuthenticatorFilter
setLogoutHost
in interface AuthenticatorFilter
host - the logout host.
public String getLogoutService()
AuthenticatorFilter
getLogoutService
in interface AuthenticatorFilter
public void setLogoutService(String service)
AuthenticatorFilter
setLogoutService
in interface AuthenticatorFilter
service - the logout service.
public String getLogoutPipe()
AuthenticatorFilter
getLogoutPipe
in interface AuthenticatorFilter
public void setLogoutPipe(String pipe)
AuthenticatorFilter
setLogoutPipe
in interface AuthenticatorFilter
pipe - the logout pipe.
public String getLogoutFlow()
AuthenticatorFilter
getLogoutFlow
in interface AuthenticatorFilter
public void setLogoutFlow(String flow)
AuthenticatorFilter
setLogoutFlow
in interface AuthenticatorFilter
flow - the login flow.
public String getLogoutTemplate()
AuthenticatorFilter
getLogoutTemplate
in interface AuthenticatorFilter
public void setLogoutTemplate(String template)
AuthenticatorFilter
setLogoutTemplate
in interface AuthenticatorFilter
template - the logout template.
public StringBuilder getLogoutURL(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
getLogoutURL
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
public StringBuilder getUserURL(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
getUserURL
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
public String getFaultyUser(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
getFaultyUser
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
public boolean isUserInRole(Principal principal, String role)
AuthenticatorFilter
isUserInRole
in interface AuthenticatorFilter
principal - the principal for whom the role is to be checked.
role - the security role to be checked.
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
doFilter
in interface Filter
doFilter
in class DefaultFilter
ServletException
IOException
public abstract String getAuthType()
AuthenticatorFilter
getAuthType
in interface AuthenticatorFilter
public abstract Principal authenticate(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
authenticate
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
public Principal authenticate(String user, String pswd, HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
authenticate
in interface AuthenticatorFilter
user - the username.
pswd - the password.
request - the request.
response - the response.
chain - the filter chain.
public Principal authenticate(Principal principal, HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
authenticate
in interface AuthenticatorFilter
principal - the principal.
request - the request.
response - the response.
chain - the filter chain.
public void unauthenticated(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException
AuthenticatorFilter
unauthenticated
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
ServletException - for servlet errors.
IOException - for general errors.
public boolean isAutoLoginEnabled(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
AuthenticatorFilter
isAutoLoginEnabled
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
public void setAutoLoginEnabled(HttpServletRequest request, HttpServletResponse response, FilterChain chain, boolean flag)
AuthenticatorFilter
setAutoLoginEnabled
in interface AuthenticatorFilter
request - the request.
response - the response.
chain - the filter chain.
flag - true if enabled, false otherwise.
protected Realm getRealm()
protected StringBuilder getAuthenticationURL(String host, boolean secure, String service, String pipe, String flow, String page, HttpServletRequest request, HttpServletResponse response, HttpFilterChain chain)
host - the host.
secure - true if secure.
service - the service.
pipe - the pipe.
flow - the flow.
page - the page.
request - the request.
response - the response.
chain - the filter chain.
protected Principal verifyAuthentication(Principal principal, HttpServletRequest request, HttpServletResponse response, FilterChain chain)
principal - the authenticated principal.
request - the request.
response - the response.
chain - the filter chain.
protected String getCredentials(HttpServletRequest request)
request - the request.
IllegalArgumentException - for incorrect scheme.
protected void incrementLoginAttempts(HttpServletRequest request)
request - the request.
protected void decrementLoginAttempts(HttpServletRequest request)
request - the request.
protected void setFaultyUser(HttpServletRequest request, String username)
request - the request.
username - the remote user.