Package com.atlassian.crowd.integration.springsecurity

Class LocalCrowdSSOAuthenticationProcessingFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

com.atlassian.crowd.integration.springsecurity.AbstractLocalCrowdAuthenticationProcessingFilter

com.atlassian.crowd.integration.springsecurity.LocalCrowdSSOAuthenticationProcessingFilter

All Implemented Interfaces:

jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class LocalCrowdSSOAuthenticationProcessingFilter
extends AbstractLocalCrowdAuthenticationProcessingFilter

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PROTECTED_REST_ENDPOINTS_PATTERN

Fields inherited from class com.atlassian.crowd.integration.springsecurity.AbstractLocalCrowdAuthenticationProcessingFilter

propertyManager, rememberMeService, tokenAuthenticationManager

Fields inherited from class com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

clientProperties, SILENT_AUTHENTICATION_EXCEPTION_SWALLOWER, tokenHelper

Fields inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

SPRING_SECURITY_FORM_PASSWORD_KEY, SPRING_SECURITY_FORM_USERNAME_KEY

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

authenticationDetailsSource, eventPublisher, messages

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	LocalCrowdSSOAuthenticationProcessingFilter(ClientProperties clientProperties, CrowdHttpTokenHelper tokenHelper, PropertyManager propertyManager, TokenAuthenticationManager tokenAuthenticationManager, CrowdRememberMeService rememberMeService)

Method Summary

Modifier and Type	Method	Description
void	doFilter(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, jakarta.servlet.FilterChain chain)
protected String	getSavedPath(jakarta.servlet.http.HttpServletRequest request)
protected String	obtainPassword(jakarta.servlet.http.HttpServletRequest request)
protected String	obtainUsername(jakarta.servlet.http.HttpServletRequest request)
protected void	onUnsuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Remove any SSO tokens associated with the request, effectively logging the user out of Crowd.
protected boolean	userWantsToBeRemembered(jakarta.servlet.http.HttpServletRequest request)

Methods inherited from class com.atlassian.crowd.integration.springsecurity.AbstractLocalCrowdAuthenticationProcessingFilter

appendSuppliers, clearRememberMeToken, getCookieConfiguration, successfulAuthentication

Methods inherited from class com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

canUseSavedRequestToAuthenticate, doSetDetails, getAuthenticatedToken, getAuthenticationDetails, requiresAuthentication, setDetails, setLoginUrlAuthenticationEntryPoint, setRequestToApplicationMapper, storeTokenIfCrowd, unsuccessfulAuthentication

Methods inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

attemptAuthentication, getPasswordParameter, getUsernameParameter, setPasswordParameter, setPostOnly, setUsernameParameter

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

afterPropertiesSet, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSecurityContextHolderStrategy, setSecurityContextRepository, setSessionAuthenticationStrategy

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

PROTECTED_REST_ENDPOINTS_PATTERN

public static final String PROTECTED_REST_ENDPOINTS_PATTERN

See Also:

• Constant Field Values

Constructor Details

LocalCrowdSSOAuthenticationProcessingFilter

protected LocalCrowdSSOAuthenticationProcessingFilter(ClientProperties clientProperties,
 CrowdHttpTokenHelper tokenHelper,
 PropertyManager propertyManager,
 TokenAuthenticationManager tokenAuthenticationManager,
 CrowdRememberMeService rememberMeService)

Method Details

onUnsuccessfulAuthentication

protected void onUnsuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Description copied from class: AbstractCrowdSSOAuthenticationProcessingFilter

Remove any SSO tokens associated with the request, effectively logging the user out of Crowd.

Specified by:

onUnsuccessfulAuthentication in class AbstractCrowdSSOAuthenticationProcessingFilter

Parameters:

request - servlet request.

response - servlet response.

obtainUsername

protected String obtainUsername(jakarta.servlet.http.HttpServletRequest request)

Overrides:

obtainUsername in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

obtainPassword

protected String obtainPassword(jakarta.servlet.http.HttpServletRequest request)

Overrides:

obtainPassword in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

userWantsToBeRemembered

protected boolean userWantsToBeRemembered(jakarta.servlet.http.HttpServletRequest request)

Specified by:

userWantsToBeRemembered in class AbstractLocalCrowdAuthenticationProcessingFilter

doFilter

public void doFilter(jakarta.servlet.ServletRequest req,
 jakarta.servlet.ServletResponse res,
 jakarta.servlet.FilterChain chain)
              throws IOException,
jakarta.servlet.ServletException

Specified by:

doFilter in interface jakarta.servlet.Filter

Overrides:

doFilter in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

IOException

jakarta.servlet.ServletException

getSavedPath

protected String getSavedPath(jakarta.servlet.http.HttpServletRequest request)

Overrides:

getSavedPath in class AbstractCrowdSSOAuthenticationProcessingFilter