com.atlassian.security.auth.trustedapps.filter
Class TrustedApplicationsFilter
java.lang.Object
com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter
- All Implemented Interfaces:
- javax.servlet.Filter
- Direct Known Subclasses:
- SeraphTrustedApplicationsFilter
- public class TrustedApplicationsFilter
- extends java.lang.Object
- implements javax.servlet.Filter
This filter serves two purposes:
- Authenticates requests from trusted applications if the right certificate is
present in the request.
- Returns the UID and public key of this application upon request so other servers can
establish trusted relationship with this application as a client.
For the first purpose, the filter will intercept any calls to a page '/admin/appTrustCertificate'. Directory
structure of the request will be ignored. The returned page will contain 2 lines:
- ID
- public key BASE64 encoded
For the second purpose the following header parameters must be present and valid:
CurrentApplication.HEADER_TRUSTED_APP_CERT CurrentApplication.HEADER_TRUSTED_APP_ID
If the authentication should fail a message will be set in the response header:
CurrentApplication.HEADER_TRUSTED_APP_ERROR
|
Method Summary |
void |
destroy()
|
void |
doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain)
|
javax.servlet.FilterConfig |
getFilterConfig()
Deprecated. Not needed in latest version of Servlet 2.3 API |
protected java.lang.String |
getPathInfo(javax.servlet.http.HttpServletRequest request)
|
void |
init(javax.servlet.FilterConfig config)
|
void |
setFilterConfig(javax.servlet.FilterConfig filterConfig)
Deprecated. Not needed in latest version of Servlet 2.3 API - replaced by init(). |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TrustedApplicationsFilter
public TrustedApplicationsFilter(TrustedApplicationsManager appManager,
UserResolver resolver,
AuthenticationController authenticationController,
AuthenticationListener authenticationListener)
TrustedApplicationsFilter
protected TrustedApplicationsFilter(TrustedApplicationsFilter.CertificateServer certificateServer,
Authenticator authenticator,
AuthenticationController authenticationController,
AuthenticationListener authenticationListener)
doFilter
public void doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain)
throws java.io.IOException,
javax.servlet.ServletException
- Specified by:
doFilter in interface javax.servlet.Filter
- Throws:
java.io.IOException
javax.servlet.ServletException
getPathInfo
protected java.lang.String getPathInfo(javax.servlet.http.HttpServletRequest request)
init
public void init(javax.servlet.FilterConfig config)
- Specified by:
init in interface javax.servlet.Filter
destroy
public void destroy()
- Specified by:
destroy in interface javax.servlet.Filter
getFilterConfig
public javax.servlet.FilterConfig getFilterConfig()
- Deprecated. Not needed in latest version of Servlet 2.3 API
setFilterConfig
public void setFilterConfig(javax.servlet.FilterConfig filterConfig)
- Deprecated. Not needed in latest version of Servlet 2.3 API - replaced by init().
Copyright © 2009 Atlassian Pty Ltd. All Rights Reserved.