public class JiraRestSeraphAuthFilter extends Object implements javax.servlet.Filter
The 'RestSeraphFilter' adds a magic seraph attribute to rest requests (i.e. /rest) that make seraph return a 401 when a request is made from a person whose session timed out. It does this under the assumption that the person did not mean to logout and will want to know that their session expired.
Unfortunately, to log back in this user needs to hit a rest resource (i.e. /rest/auth). However, they will be unable to do so as they get a 401. To get around this we set this magic attribute to "none" for rest calls under '/rest/auth' under the assumption that these calls will handle their own authentication.
Constructor and Description |
---|
JiraRestSeraphAuthFilter() |
Modifier and Type | Method and Description |
---|---|
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
void |
init(javax.servlet.FilterConfig filterConfig) |
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
public void destroy()
destroy
in interface javax.servlet.Filter
Copyright © 2002-2015 Atlassian. All Rights Reserved.