AuthFilter (XBank)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

biz.hammurapi.web.security
Class AuthFilter

java.lang.Object
  biz.hammurapi.web.security.AuthFilter

All Implemented Interfaces:: javax.servlet.Filter

public class AuthFilter
extends java.lang.Object
implements javax.servlet.Filter

This class handles authentication - it makes sure that each request is authenticated

Version:: $Revision: 1.1 $
Author:: Pavel Vlasov

Field Summary
`static java.lang.String`	`AUTHORIZATION_PROVIDER`
`static java.lang.String`	`LOGIN_TARGET`
`static java.lang.String`	`LOGIN_URL_ATTRIBUTE`
`static java.lang.String`	`MAX_LOGIN_ATTEMPTS`
`static java.lang.String`	`REMAINING_LOGIN_ATTEMPTS`
`static java.lang.String`	`USER`

Constructor Summary
`AuthFilter()`

Method Summary
`void`	`destroy()`
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)` Checks user in session.
`java.lang.String`	`getUnauthenticatedPrincipal()`
`void`	`init(javax.servlet.FilterConfig filterConfig)` Init method for this filter

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOGIN_TARGET

public static final java.lang.String LOGIN_TARGET

See Also:: Constant Field Values

LOGIN_URL_ATTRIBUTE

public static final java.lang.String LOGIN_URL_ATTRIBUTE

MAX_LOGIN_ATTEMPTS

public static final java.lang.String MAX_LOGIN_ATTEMPTS

See Also:: Constant Field Values

AUTHORIZATION_PROVIDER

public static final java.lang.String AUTHORIZATION_PROVIDER

USER

public static final java.lang.String USER

REMAINING_LOGIN_ATTEMPTS

public static final java.lang.String REMAINING_LOGIN_ATTEMPTS

See Also:: Constant Field Values

Constructor Detail

AuthFilter

public AuthFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Init method for this filter

Specified by:: init in interface javax.servlet.Filter

Throws:: javax.servlet.ServletException

getUnauthenticatedPrincipal

public java.lang.String getUnauthenticatedPrincipal()

Returns:: Name of unauthenticated principal (guest user) for this application.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException

Checks user in session. If user is present then authorization provider is injected into request. If there is no credentials then Guest credentials are used if such user exists and is not blocked. If Guest user doesn't exists then control is passed to login url. If login URL is null then basic authentication is used.

Specified by:: doFilter in interface javax.servlet.Filter

Parameters:: request - The servlet request we are processing; chain - The filter chain we are processing
Throws:: java.io.IOException - if an input/output error occurs; javax.servlet.ServletException - if a servlet error occurs

destroy

public void destroy()

Specified by:: destroy in interface javax.servlet.Filter