com.atlassian.jira.rest.auth
Class JiraRestSeraphAuthFilter
java.lang.Object
com.atlassian.jira.rest.auth.JiraRestSeraphAuthFilter
- All Implemented Interfaces:
- javax.servlet.Filter
public class JiraRestSeraphAuthFilter
- extends Object
- implements javax.servlet.Filter
JRA-25405: Users need to be able to hit '/rest/auth' even when their session has expired.
The 'RestSeraphFilter' adds a magic seraph attribute to rest requests (i.e. /rest) that make seraph return a 401
when a request is made from a person whose session timed out. It does this under the assumption
that the person did not mean to logout and will want to know that their session expired.
Unfortunately, to log back in this user needs to hit a rest resource (i.e. /rest/auth). However, they
will be unable to do so as they get a 401. To get around this we set this magic attribute to "none" for
rest calls under '/rest/auth' under the assumption that these calls will handle their own authentication.
- Since:
- v4.4.5
Method Summary |
void |
destroy()
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
|
void |
init(javax.servlet.FilterConfig filterConfig)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JiraRestSeraphAuthFilter
public JiraRestSeraphAuthFilter()
init
public void init(javax.servlet.FilterConfig filterConfig)
throws javax.servlet.ServletException
- Specified by:
init
in interface javax.servlet.Filter
- Throws:
javax.servlet.ServletException
doFilter
public void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
- Specified by:
doFilter
in interface javax.servlet.Filter
- Throws:
IOException
javax.servlet.ServletException
destroy
public void destroy()
- Specified by:
destroy
in interface javax.servlet.Filter
Copyright © 2002-2013 Atlassian. All Rights Reserved.