Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.norther.tammi.spray.authenticator
Class DefaultHttpFormAuthFilter

java.lang.Object
  extended by org.norther.tammi.core.base.Adaptee
      extended by org.norther.tammi.spray.filter.DefaultFilter
          extended by org.norther.tammi.spray.authenticator.AbstractAuthenticatorFilter
              extended by org.norther.tammi.spray.authenticator.DefaultHttpFormAuthFilter
All Implemented Interfaces:
Serializable, NotificationBroadcaster, NotificationEmitter, Filter, Manageable, MBeanDelegate, AuthenticatorFilter, HttpFormAuthFilter
public class DefaultHttpFormAuthFilter
extends AbstractAuthenticatorFilter
implements HttpFormAuthFilter

An implementation of the FORM BASED authentication.

Based on FormAuthenticator in the Apache Jakarta Tomcat project.

Author:
Craig R. McClanahan, Ilkka Priha
See Also:
Serialized Form

Field Summary
 
Fields inherited from class org.norther.tammi.spray.authenticator.AbstractAuthenticatorFilter
DEFAULT_USER_ACCOUNT_ID_ATTIBUTE
 
Fields inherited from class org.norther.tammi.core.base.Adaptee
ADAPTEE_NOTIF_DESCRIPTION, ADAPTEE_NOTIFICATIONS
 
Fields inherited from interface org.norther.tammi.spray.authenticator.HttpFormAuthFilter
FORM_AUTH
 
Fields inherited from interface org.norther.tammi.core.base.MBeanDelegate
ARRAY_TYPE, OBJECT_TYPE, PRIMITIVE_TYPE, STRING_TYPE
 
Constructor Summary
DefaultHttpFormAuthFilter()
          Constructs a new filter.
 
Method Summary
 Principal authenticate(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
          Authenticates a request within the realm of this filter.
 String getAuthType()
          Gets the authentication scheme.
 int getLoginAge()
          Gets the max age of the login.
 String getLoginFlow()
          Gets the login flow.
 String getLoginHost()
          Gets the login host.
 String getLoginPipe()
          Gets the login pipe.
 String getLoginService()
          Gets the login service.
 String getLoginTemplate()
          Gets the login template.
 String getLoginURI()
          Gets the login URI.
 StringBuilder getLoginURL(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
          Gets the login URL, with the scheme, host and port if required, for the specified request.
 boolean isAutoLoginEnabled(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
          Checks whether automatic login is enabled for the specified request.
 boolean isSecure()
          Checks whether authentication should apply a secure connection.
 void setAutoLoginEnabled(HttpServletRequest request, HttpServletResponse response, FilterChain chain, boolean flag)
          Sets whether automatic login is enabled for the specified request.
 void setLoginAge(int secs)
          Sets the max age of the login.
 void setLoginFlow(String flow)
          Sets the login flow.
 void setLoginHost(String host)
          Sets the login host.
 void setLoginPipe(String pipe)
          Sets the login pipe.
 void setLoginService(String service)
          Sets the login service.
 void setLoginTemplate(String template)
          Sets the login template.
 void setLoginURI(String uri)
          Sets the login URI.
 void setSecure(boolean flag)
          Sets whether authentication should apply a secure connection.
 void unauthenticated(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
          A handler for unauthenticated requests that should provide an opportunity for the user to re-authenticate himself.
 
Methods inherited from class org.norther.tammi.spray.authenticator.AbstractAuthenticatorFilter
decrementLoginAttempts, doFilter, generateAuthenticate, getAuthenticationURL, getCredentials, getDefaultDomain, getFaultyUser, getLoginAttempts, getLoginAttempts, getLogoutFlow, getLogoutHost, getLogoutPipe, getLogoutService, getLogoutTemplate, getLogoutURI, getLogoutURL, getPublicRealmName, getRealm, getRealmName, getUnauthorizedTemplate, incrementLoginAttempts, isAuthenticationRequired, isCachedPrincipalDiscarded, isUserInRole, postmanaged, setAuthenticationRequired, setCachedPrincipalDiscarded, setDefaultDomain, setFaultyUser, setLoginAttempts, setLogoutFlow, setLogoutHost, setLogoutPipe, setLogoutService, setLogoutTemplate, setLogoutURI, setPublicRealmName, setRealmName, setUnauthorizedTemplate, unmanaged, verifyAuthentication
 
Methods inherited from class org.norther.tammi.spray.filter.DefaultFilter
destroy, getFilterConfig, getRequestMap, getSessionMap, init
 
Methods inherited from class org.norther.tammi.core.base.Adaptee
addAdaptee, addNotificationListener, getAttributeSupport, getBroker, getCanonicalName, getDomain, getFactory, getLoader, getLog, getLog, getMBean, getMBeanServer, getNotificationInfo, getObjectName, getRegistrationTime, getSequenceNumber, hasListeners, isRegistered, premanaged, removeNotificationListener, removeNotificationListener, sendNotification, sendNotification, sendNotification, sendNotification, unregister
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.norther.tammi.spray.authenticator.AuthenticatorFilter
getDefaultDomain, getFaultyUser, getLoginAttempts, getLoginAttempts, getLogoutFlow, getLogoutHost, getLogoutPipe, getLogoutService, getLogoutTemplate, getLogoutURI, getLogoutURL, getPublicRealmName, getRealmName, getUnauthorizedTemplate, isAuthenticationRequired, isCachedPrincipalDiscarded, isUserInRole, setAuthenticationRequired, setCachedPrincipalDiscarded, setDefaultDomain, setLoginAttempts, setLogoutFlow, setLogoutHost, setLogoutPipe, setLogoutService, setLogoutTemplate, setLogoutURI, setPublicRealmName, setRealmName, setUnauthorizedTemplate
 
Methods inherited from interface javax.servlet.Filter
destroy, doFilter, init
 

Constructor Detail

DefaultHttpFormAuthFilter

public DefaultHttpFormAuthFilter()
Constructs a new filter.

Method Detail

getAuthType

public String getAuthType()
Description copied from interface: AuthenticatorFilter
Gets the authentication scheme.

Specified by:
getAuthType in interface AuthenticatorFilter
Specified by:
getAuthType in class AbstractAuthenticatorFilter
Returns:
the authentication scheme.

isSecure

public boolean isSecure()
Description copied from interface: HttpFormAuthFilter
Checks whether authentication should apply a secure connection.

Specified by:
isSecure in interface HttpFormAuthFilter
Returns:
true for a secure authentication, false otherwise.

setSecure

public void setSecure(boolean flag)
Description copied from interface: HttpFormAuthFilter
Sets whether authentication should apply a secure connection.

Specified by:
setSecure in interface HttpFormAuthFilter
Parameters:
flag - true for a secure authentication, false otherwise.

getLoginAge

public int getLoginAge()
Description copied from interface: HttpFormAuthFilter
Gets the max age of the login.

Specified by:
getLoginAge in interface HttpFormAuthFilter
Returns:
the age in seconds.

setLoginAge

public void setLoginAge(int secs)
Description copied from interface: HttpFormAuthFilter
Sets the max age of the login. If >0, the authentication is cached in a cookie and reused during the next login attempt.

Specified by:
setLoginAge in interface HttpFormAuthFilter
Parameters:
secs - the age in seconds.

getLoginURI

public String getLoginURI()
Description copied from interface: HttpFormAuthFilter
Gets the login URI.

Specified by:
getLoginURI in interface HttpFormAuthFilter
Returns:
the login URI.

setLoginURI

public void setLoginURI(String uri)
Description copied from interface: HttpFormAuthFilter
Sets the login URI. An explicit URI overrides the login host, service, pipe, template and flow.

Specified by:
setLoginURI in interface HttpFormAuthFilter
Parameters:
uri - the login URI.

getLoginHost

public String getLoginHost()
Description copied from interface: HttpFormAuthFilter
Gets the login host.

Specified by:
getLoginHost in interface HttpFormAuthFilter
Returns:
the login host.

setLoginHost

public void setLoginHost(String host)
Description copied from interface: HttpFormAuthFilter
Sets the login host.

Specified by:
setLoginHost in interface HttpFormAuthFilter
Parameters:
host - the login host.

getLoginService

public String getLoginService()
Description copied from interface: HttpFormAuthFilter
Gets the login service.

Specified by:
getLoginService in interface HttpFormAuthFilter
Returns:
the login service.

setLoginService

public void setLoginService(String service)
Description copied from interface: HttpFormAuthFilter
Sets the login service. The service is applied to the login URI if an explicit one is not specified.

Specified by:
setLoginService in interface HttpFormAuthFilter
Parameters:
service - the login service.

getLoginPipe

public String getLoginPipe()
Description copied from interface: HttpFormAuthFilter
Gets the login pipe.

Specified by:
getLoginPipe in interface HttpFormAuthFilter
Returns:
the login pipe.

setLoginPipe

public void setLoginPipe(String pipe)
Description copied from interface: HttpFormAuthFilter
Sets the login pipe. The pipe is applied to the login URI if an explicit one is not specified.

Specified by:
setLoginPipe in interface HttpFormAuthFilter
Parameters:
pipe - the login pipe.

getLoginFlow

public String getLoginFlow()
Description copied from interface: HttpFormAuthFilter
Gets the login flow.

Specified by:
getLoginFlow in interface HttpFormAuthFilter
Returns:
the login flow.

setLoginFlow

public void setLoginFlow(String flow)
Description copied from interface: HttpFormAuthFilter
Sets the login flow. The flow is applied to the login URI if an explicit one is not specified.

Specified by:
setLoginFlow in interface HttpFormAuthFilter
Parameters:
flow - the login flow.

getLoginTemplate

public String getLoginTemplate()
Description copied from interface: HttpFormAuthFilter
Gets the login template.

Specified by:
getLoginTemplate in interface HttpFormAuthFilter
Returns:
the login template.

setLoginTemplate

public void setLoginTemplate(String template)
Description copied from interface: HttpFormAuthFilter
Sets the login template. The template is applied to the login URI if an explicit one is not specified.

Specified by:
setLoginTemplate in interface HttpFormAuthFilter
Parameters:
template - the login template.

getLoginURL

public StringBuilder getLoginURL(HttpServletRequest request,
                                 HttpServletResponse response,
                                 FilterChain chain)
Description copied from interface: HttpFormAuthFilter
Gets the login URL, with the scheme, host and port if required, for the specified request.

Specified by:
getLoginURL in interface HttpFormAuthFilter
Parameters:
request - the request.
response - the response.
chain - the filter chain.
Returns:
the login URL or null if not defined.

authenticate

public Principal authenticate(HttpServletRequest request,
                              HttpServletResponse response,
                              FilterChain chain)
Description copied from interface: AuthenticatorFilter
Authenticates a request within the realm of this filter.

Specified by:
authenticate in interface AuthenticatorFilter
Specified by:
authenticate in class AbstractAuthenticatorFilter
Parameters:
request - the request.
response - the response.
chain - the filter chain.
Returns:
the authenticated user principal or null.

unauthenticated

public void unauthenticated(HttpServletRequest request,
                            HttpServletResponse response,
                            FilterChain chain)
                     throws ServletException,
                            IOException
Description copied from interface: AuthenticatorFilter
A handler for unauthenticated requests that should provide an opportunity for the user to re-authenticate himself. Must either produce a valid response or throw an exception.

Specified by:
unauthenticated in interface AuthenticatorFilter
Overrides:
unauthenticated in class AbstractAuthenticatorFilter
Parameters:
request - the request.
response - the response.
chain - the filter chain.
Throws:
ServletException - for servlet errors.
IOException - for general errors.

isAutoLoginEnabled

public boolean isAutoLoginEnabled(HttpServletRequest request,
                                  HttpServletResponse response,
                                  FilterChain chain)
Description copied from interface: AuthenticatorFilter
Checks whether automatic login is enabled for the specified request.

Specified by:
isAutoLoginEnabled in interface AuthenticatorFilter
Overrides:
isAutoLoginEnabled in class AbstractAuthenticatorFilter
Parameters:
request - the request.
response - the response.
chain - the filter chain.
Returns:
true if enabled, false otherwise.

setAutoLoginEnabled

public void setAutoLoginEnabled(HttpServletRequest request,
                                HttpServletResponse response,
                                FilterChain chain,
                                boolean flag)
Description copied from interface: AuthenticatorFilter
Sets whether automatic login is enabled for the specified request.

Specified by:
setAutoLoginEnabled in interface AuthenticatorFilter
Overrides:
setAutoLoginEnabled in class AbstractAuthenticatorFilter
Parameters:
request - the request.
response - the response.
chain - the filter chain.
flag - true if enabled, false otherwise.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004 The Norther Organization. All rights reserved.