com.atlassian.crowd.plugin.rest.filter
Class BasicUserAuthenticationFilter
java.lang.Object
com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter
com.atlassian.crowd.plugin.rest.filter.BasicUserAuthenticationFilter
- All Implemented Interfaces:
- javax.servlet.Filter
public class BasicUserAuthenticationFilter
- extends AbstractBasicAuthenticationFilter
Implementation of HTTP Basic Authentication such that all invocations
to the filter must be authenticated with a valid admin name
and corresponding password.
As a performance enhancement the user name is saved in the
session after a successful authentication. Password check is waived
with consequent requests when the user name in the request
matches the user name in the session. Clients wishing to take
advantage of this feature must support cookies.
- Since:
- 2.2
Method Summary |
void |
doFilter(javax.servlet.ServletRequest servletRequest,
javax.servlet.ServletResponse servletResponse,
javax.servlet.FilterChain chain)
|
protected String |
getAuthenticationErrorMessage()
Returns the authentication error message. |
protected String |
getBasicRealm()
Returns the Basic Realm in the WWW-Authenticate header. |
protected String |
getEntityAttributeKey()
Returns the HTTP request attribute key for the entity. |
void |
init(javax.servlet.FilterConfig filterConfig)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
BasicUserAuthenticationFilter
public BasicUserAuthenticationFilter(com.atlassian.sal.api.user.UserManager userManager)
init
public void init(javax.servlet.FilterConfig filterConfig)
throws javax.servlet.ServletException
- Specified by:
init
in interface javax.servlet.Filter
- Overrides:
init
in class AbstractBasicAuthenticationFilter
- Throws:
javax.servlet.ServletException
doFilter
public void doFilter(javax.servlet.ServletRequest servletRequest,
javax.servlet.ServletResponse servletResponse,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
- Throws:
IOException
javax.servlet.ServletException
getEntityAttributeKey
protected String getEntityAttributeKey()
- Description copied from class:
AbstractBasicAuthenticationFilter
- Returns the HTTP request attribute key for the entity.
- Specified by:
getEntityAttributeKey
in class AbstractBasicAuthenticationFilter
- Returns:
- attribute key for the entity
getAuthenticationErrorMessage
protected String getAuthenticationErrorMessage()
- Description copied from class:
AbstractBasicAuthenticationFilter
- Returns the authentication error message.
- Specified by:
getAuthenticationErrorMessage
in class AbstractBasicAuthenticationFilter
- Returns:
- authentication error message
getBasicRealm
protected String getBasicRealm()
- Description copied from class:
AbstractBasicAuthenticationFilter
- Returns the Basic Realm in the WWW-Authenticate header.
- Specified by:
getBasicRealm
in class AbstractBasicAuthenticationFilter
- Returns:
- Basic Realm
Copyright © 2012 Atlassian. All Rights Reserved.