com.atlassian.crowd.plugin.rest.filter

Class AbstractBasicAuthenticationFilter

java.lang.Object

com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter

Direct Known Subclasses:

BasicApplicationAuthenticationFilter, BasicUserAuthenticationFilter

public abstract class AbstractBasicAuthenticationFilter
extends Object
implements javax.servlet.Filter

Abstract implementation for a Basic Authentication filter.

Since:

2.2

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected class	AbstractBasicAuthenticationFilter.Credentials

Constructor Summary

Constructors

Constructor and Description
AbstractBasicAuthenticationFilter()

Method Summary

Methods

Modifier and Type	Method and Description
void	destroy()
protected void	ensureSeraphForwardsRequest(javax.servlet.ServletRequest request) Ensures that Seraph simply forwards the request without processing it.
protected String	getAuthenticatedEntity(javax.servlet.http.HttpServletRequest request) Returns the authenticated entity from the request, or null if there is no authenticated entity.
protected abstract String	getAuthenticationErrorMessage() Returns the authentication error message.
protected AbstractBasicAuthenticationFilter.Credentials	getBasicAuthCredentials(javax.servlet.http.HttpServletRequest request) Returns the Basic Auth credentials.
protected abstract String	getBasicRealm() Returns the Basic Realm in the WWW-Authenticate header.
protected abstract String	getEntityAttributeKey() Returns the HTTP request attribute key for the entity.
void	init(javax.servlet.FilterConfig filterConfig)
protected boolean	isAuthenticated(javax.servlet.http.HttpServletRequest request, AbstractBasicAuthenticationFilter.Credentials credentials) Consider the request as authenticated, if the entity name in it matches the entity name saved in the HttpSession.
protected void	respondWithChallenge(javax.servlet.http.HttpServletResponse response) Responds to request with a Basic Authentication challenge.
protected void	setAuthenticatedEntity(javax.servlet.http.HttpServletRequest request, String name) Sets the authenticated entity.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.servlet.Filter

doFilter

Constructor Detail

AbstractBasicAuthenticationFilter

public AbstractBasicAuthenticationFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

getBasicAuthCredentials

protected AbstractBasicAuthenticationFilter.Credentials getBasicAuthCredentials(javax.servlet.http.HttpServletRequest request)

Returns the Basic Auth credentials.

Parameters:

request - the request

Returns:

basic authentication credentials

isAuthenticated

protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                      AbstractBasicAuthenticationFilter.Credentials credentials)

Consider the request as authenticated, if the entity name in it matches the entity name saved in the HttpSession.

Parameters:

request - HTTP servlet request possibly containing a HttpSession

credentials - credentials sent with the request

Returns:

true if the entity has already been authenticated

respondWithChallenge

protected void respondWithChallenge(javax.servlet.http.HttpServletResponse response)
                             throws IOException

Responds to request with a Basic Authentication challenge.

Parameters:

response - the HTTP response

Throws:

IOException

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter

ensureSeraphForwardsRequest

protected void ensureSeraphForwardsRequest(javax.servlet.ServletRequest request)

Ensures that Seraph simply forwards the request without processing it.

Parameters:

request - HttpServletRequest

getAuthenticatedEntity

protected String getAuthenticatedEntity(javax.servlet.http.HttpServletRequest request)

Returns the authenticated entity from the request, or null if there is no authenticated entity.

Parameters:

request - Request

Returns:

authenticated entity from the request, or null if there is no authenticated entity.

setAuthenticatedEntity

protected void setAuthenticatedEntity(javax.servlet.http.HttpServletRequest request,
                          String name)

Sets the authenticated entity.

Parameters:

request - Request

name - the name of the authenticated entity

getEntityAttributeKey

protected abstract String getEntityAttributeKey()

Returns the HTTP request attribute key for the entity.

Returns:

attribute key for the entity

getAuthenticationErrorMessage

protected abstract String getAuthenticationErrorMessage()

Returns the authentication error message.

Returns:

authentication error message

getBasicRealm

protected abstract String getBasicRealm()

Returns the Basic Realm in the WWW-Authenticate header.

Returns:

Basic Realm