org.apache.shiro.web.filter.authc
Class AuthenticatingFilter
java.lang.Object
org.apache.shiro.web.servlet.ServletContextSupport
org.apache.shiro.web.servlet.AbstractFilter
org.apache.shiro.web.servlet.NameableFilter
org.apache.shiro.web.servlet.OncePerRequestFilter
org.apache.shiro.web.servlet.AdviceFilter
org.apache.shiro.web.filter.PathMatchingFilter
org.apache.shiro.web.filter.AccessControlFilter
org.apache.shiro.web.filter.authc.AuthenticationFilter
org.apache.shiro.web.filter.authc.AuthenticatingFilter
- All Implemented Interfaces:
- Filter, Nameable, PathConfigProcessor
- Direct Known Subclasses:
- BasicHttpAuthenticationFilter, FormAuthenticationFilter
public abstract class AuthenticatingFilter
- extends AuthenticationFilter
An AuthenticationFilter that is capable of automatically performing an authentication attempt
based on the incoming request.
- Since:
- 0.9
|
Method Summary |
protected abstract AuthenticationToken |
createToken(ServletRequest request,
ServletResponse response)
|
protected AuthenticationToken |
createToken(String username,
String password,
boolean rememberMe,
String host)
|
protected AuthenticationToken |
createToken(String username,
String password,
ServletRequest request,
ServletResponse response)
|
protected boolean |
executeLogin(ServletRequest request,
ServletResponse response)
|
protected String |
getHost(ServletRequest request)
Returns the host name or IP associated with the current subject. |
protected boolean |
isRememberMe(ServletRequest request)
Returns true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise. |
protected boolean |
onLoginFailure(AuthenticationToken token,
AuthenticationException e,
ServletRequest request,
ServletResponse response)
|
protected boolean |
onLoginSuccess(AuthenticationToken token,
Subject subject,
ServletRequest request,
ServletResponse response)
|
AuthenticatingFilter
public AuthenticatingFilter()
executeLogin
protected boolean executeLogin(ServletRequest request,
ServletResponse response)
throws Exception
- Throws:
Exception
createToken
protected abstract AuthenticationToken createToken(ServletRequest request,
ServletResponse response)
throws Exception
- Throws:
Exception
createToken
protected AuthenticationToken createToken(String username,
String password,
ServletRequest request,
ServletResponse response)
createToken
protected AuthenticationToken createToken(String username,
String password,
boolean rememberMe,
String host)
onLoginSuccess
protected boolean onLoginSuccess(AuthenticationToken token,
Subject subject,
ServletRequest request,
ServletResponse response)
throws Exception
- Throws:
Exception
onLoginFailure
protected boolean onLoginFailure(AuthenticationToken token,
AuthenticationException e,
ServletRequest request,
ServletResponse response)
getHost
protected String getHost(ServletRequest request)
- Returns the host name or IP associated with the current subject. This method is primarily provided for use
during construction of an
AuthenticationToken.
The default implementation merely returns ServletRequest.getRemoteHost().
- Parameters:
request - the incoming ServletRequest
- Returns:
- the
InetAddress to associate with the login attempt.
isRememberMe
protected boolean isRememberMe(ServletRequest request)
- Returns
true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise.
This implementation always returns false and is provided as a template hook to subclasses that
support rememberMe logins and wish to determine rememberMe in a custom mannner
based on the current request.
- Parameters:
request - the incoming ServletRequest
- Returns:
true if "rememberMe" should be enabled for the login attempt associated with the
current request, false otherwise.
Copyright © 2004-2010 The Apache Software Foundation. All Rights Reserved.