Class Overview
JRA-25405: Users need to be able to hit '/rest/auth' even when their session has expired.
The 'RestSeraphFilter' adds a magic seraph attribute to rest requests (i.e. /rest) that make seraph return a 401
when a request is made from a person whose session timed out. It does this under the assumption
that the person did not mean to logout and will want to know that their session expired.
Unfortunately, to log back in this user needs to hit a rest resource (i.e. /rest/auth). However, they
will be unable to do so as they get a 401. To get around this we set this magic attribute to "none" for
rest calls under '/rest/auth' under the assumption that these calls will handle their own authentication.
Summary
| Public Methods |
|---|
|
void
|
destroy()
|
|
void
|
doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
|
void
|
init(FilterConfig filterConfig)
|
|
[Expand]
Inherited Methods |
|---|
From class
java.lang.Object
|
Object
|
clone()
|
|
boolean
|
equals(Object arg0)
|
|
void
|
finalize()
|
|
final
Class<?>
|
getClass()
|
|
int
|
hashCode()
|
|
final
void
|
notify()
|
|
final
void
|
notifyAll()
|
|
String
|
toString()
|
|
final
void
|
wait(long arg0, int arg1)
|
|
final
void
|
wait(long arg0)
|
|
final
void
|
wait()
|
|
From interface
javax.servlet.Filter
|
void
|
destroy()
|
|
void
|
doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
|
|
void
|
init(FilterConfig arg0)
|
|
Public Constructors
public
JiraRestSeraphAuthFilter
()
Public Methods
public
void
doFilter
(ServletRequest request, ServletResponse response, FilterChain chain)
public
void
init
(FilterConfig filterConfig)
