com.atlassian.crowd.openid.client.filter
Class VerifyOpenIDAuthenticationFilter

java.lang.Object
  extended by org.springframework.web.filter.GenericFilterBean
      extended by org.springframework.web.filter.OncePerRequestFilter
          extended by com.atlassian.crowd.openid.client.filter.VerifyOpenIDAuthenticationFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.web.context.ServletContextAware

public class VerifyOpenIDAuthenticationFilter
extends org.springframework.web.filter.OncePerRequestFilter

Checks if web-user is authenticated. If they are not redirect them to the login page. This filter is run once per request.


Field Summary
static java.lang.String AUTHENTICATED_PRINCIPAL_SESSION_KEY
           
static java.lang.String ORIGINAL_URL
          The session key stored as a String, is the requested secure url before redirect to the authentication page.
 
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
 
Constructor Summary
VerifyOpenIDAuthenticationFilter()
           
 
Method Summary
protected  void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
          Verifies the user is authenticated, otherwise redirects them to the login screen with the ORIGINAL_URL appropriately set to the secure page they were trying to access.
protected  java.lang.String getOringinalURL(javax.servlet.http.HttpServletRequest request)
          Stores the URL the user was originally requesting.
protected  boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Checks if a principal is authenticated.
 
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, shouldNotFilter
 
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setServletContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ORIGINAL_URL

public static final java.lang.String ORIGINAL_URL
The session key stored as a String, is the requested secure url before redirect to the authentication page.


AUTHENTICATED_PRINCIPAL_SESSION_KEY

public static final java.lang.String AUTHENTICATED_PRINCIPAL_SESSION_KEY
Constructor Detail

VerifyOpenIDAuthenticationFilter

public VerifyOpenIDAuthenticationFilter()
Method Detail

isAuthenticated

protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                                  javax.servlet.http.HttpServletResponse response)
                           throws javax.servlet.ServletException,
                                  java.io.IOException
Checks if a principal is authenticated.

Parameters:
request - The HTTP request.
response - The HTTP response.
Returns:
true if and only if the principal is authenticated, otherwise false.
Throws:
java.io.IOException - I/O related problems.
javax.servlet.ServletException - Servlet related problems.

getOringinalURL

protected java.lang.String getOringinalURL(javax.servlet.http.HttpServletRequest request)
Stores the URL the user was originally requesting.

Parameters:
request - The HTTP request.
Returns:
The requested URL.

doFilterInternal

protected void doFilterInternal(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                java.io.IOException
Verifies the user is authenticated, otherwise redirects them to the login screen with the ORIGINAL_URL appropriately set to the secure page they were trying to access.

Specified by:
doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
Parameters:
request - HttpServletRequest
response - HttpServletResponse
filterChain - FilterChain
Throws:
javax.servlet.ServletException - if an error occurs while processing filter chain or sending a redirect to the login screen
java.io.IOException - if an error occurs while processing filter chain or sending a redirect to the login screen


Copyright © 2010 Atlassian. All Rights Reserved.