com.atlassian.crowd.plugin.rest.filter
Class BasicUserAuthenticationFilter

java.lang.Object
  com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter
      com.atlassian.crowd.plugin.rest.filter.BasicUserAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter

public class BasicUserAuthenticationFilter
extends AbstractBasicAuthenticationFilter

Implementation of HTTP Basic Authentication such that all invocations to the filter must be authenticated with a valid admin name and corresponding password. As a performance enhancement the user name is saved in the session after a successful authentication. Password check is waived with consequent requests when the user name in the request matches the user name in the session. Clients wishing to take advantage of this feature must support cookies.

Since:

2.2

Nested Class Summary

Nested classes/interfaces inherited from class com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter

AbstractBasicAuthenticationFilter.Credentials

Constructor Summary

BasicUserAuthenticationFilter(com.atlassian.sal.api.user.UserManager userManager)

Method Summary

void	doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain)
protected String	getAuthenticationErrorMessage() Returns the authentication error message.
protected String	getBasicRealm() Returns the Basic Realm in the WWW-Authenticate header.
protected String	getEntityAttributeKey() Returns the HTTP request attribute key for the entity.
void	init(javax.servlet.FilterConfig filterConfig)

Methods inherited from class com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter

destroy, ensureSeraphForwardsRequest, getAuthenticatedEntity, getBasicAuthCredentials, isAuthenticated, respondWithChallenge, setAuthenticatedEntity

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BasicUserAuthenticationFilter

public BasicUserAuthenticationFilter(com.atlassian.sal.api.user.UserManager userManager)

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Overrides:

init in class AbstractBasicAuthenticationFilter

Throws:

javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest servletRequest,
                     javax.servlet.ServletResponse servletResponse,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Throws:

IOException

javax.servlet.ServletException

getEntityAttributeKey

protected String getEntityAttributeKey()

Description copied from class: AbstractBasicAuthenticationFilter

Returns the HTTP request attribute key for the entity.

Specified by:

getEntityAttributeKey in class AbstractBasicAuthenticationFilter

Returns:

attribute key for the entity

getAuthenticationErrorMessage

protected String getAuthenticationErrorMessage()

Description copied from class: AbstractBasicAuthenticationFilter

Returns the authentication error message.

Specified by:

getAuthenticationErrorMessage in class AbstractBasicAuthenticationFilter

Returns:

authentication error message

getBasicRealm

protected String getBasicRealm()

Description copied from class: AbstractBasicAuthenticationFilter

Returns the Basic Realm in the WWW-Authenticate header.

Specified by:

getBasicRealm in class AbstractBasicAuthenticationFilter

Returns:

Basic Realm