public class AuthenticationFilter extends Object implements javax.servlet.Filter
AuthToken concept to implement the equivalent of bearer token
authentication. This filter supports both AuthToken's as well
as standard BASIC authentication. The latter is implemented by
delegating to the container.| Modifier and Type | Class and Description |
|---|---|
protected static class |
AuthenticationFilter.Creds
Models inbound basic auth credentials (user/password).
|
| Constructor and Description |
|---|
AuthenticationFilter()
Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
protected Set<String> |
defaultAllowedIssuers() |
protected String |
defaultKeyAlias() |
protected String |
defaultKeyPassword() |
protected String |
defaultKeystorePassword() |
protected String |
defaultKeystorePath() |
protected String |
defaultRealm() |
protected boolean |
defaultSignatureRequired() |
protected boolean |
defaultWrapRequest() |
void |
destroy() |
protected void |
doBasicAuth(AuthenticationFilter.Creds credentials,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain)
Handle BASIC authentication.
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
protected void |
doFilterChain(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain,
io.apiman.common.auth.AuthPrincipal principal)
Further process the filter chain.
|
protected void |
doTokenAuth(io.apiman.common.auth.AuthToken token,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain)
Implements token based authentication.
|
void |
init(javax.servlet.FilterConfig config) |
public void init(javax.servlet.FilterConfig config)
throws javax.servlet.ServletException
init in interface javax.servlet.Filterjavax.servlet.ServletExceptionFilter.init(javax.servlet.FilterConfig)protected String defaultKeystorePassword()
protected String defaultKeyAlias()
protected String defaultKeyPassword()
protected String defaultKeystorePath()
protected boolean defaultSignatureRequired()
protected boolean defaultWrapRequest()
protected Set<String> defaultAllowedIssuers()
protected String defaultRealm()
public void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
doFilter in interface javax.servlet.FilterIOExceptionjavax.servlet.ServletExceptionFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)protected void doBasicAuth(AuthenticationFilter.Creds credentials, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
credentials - the credentialsrequest - the http servlet requestresponse - the http servlet resposechain - the filter chainIOException - when I/O failure occurs in filter chainjavax.servlet.ServletException - when servlet exception occurs during authprotected void doTokenAuth(io.apiman.common.auth.AuthToken token,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
AuthToken
and then calls doFilterChain.token - the tokenrequest - the requestresponse - the responsechain - the filterchainIOException - when I/O failure occurs in filter chainjavax.servlet.ServletException - when servlet exception occurs during authprotected void doFilterChain(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain,
io.apiman.common.auth.AuthPrincipal principal)
throws IOException,
javax.servlet.ServletException
request - the requestresponse - the responsechain - the filter chainprincipal - the auth principalIOException - when I/O failure occurs in filter chainjavax.servlet.ServletException - when servlet exception occurs during authpublic void destroy()
destroy in interface javax.servlet.FilterFilter.destroy()Copyright © 2015 JBoss, a division of Red Hat. All rights reserved.