Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.plugin.rest.filter
Class BasicApplicationAuthenticationFilter

java.lang.Object
  extended by com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter
      extended by com.atlassian.crowd.plugin.rest.filter.BasicApplicationAuthenticationFilter
All Implemented Interfaces:
javax.servlet.Filter
public class BasicApplicationAuthenticationFilter
extends AbstractBasicAuthenticationFilter

Implementation of HTTP Basic Authentication such that all invocations to the filter must be authenticated with a valid application name and corresponding password. As a performance enhancement the application name is saved in the session after a successful authentication. Password check is waived with consequent requests when the application name in the request matches the application name in the session. Clients wishing to take advantage of this feature must support cookies.

Nested Class Summary
 
Nested classes/interfaces inherited from class com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter
AbstractBasicAuthenticationFilter.Credentials
 
Constructor Summary
BasicApplicationAuthenticationFilter(ApplicationManager applicationManager, ClientValidationManager clientValidationManager, TokenAuthenticationManager tokenAuthenticationManager)
           
 
Method Summary
 void doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain)
           
protected  String getAuthenticatedEntity(javax.servlet.http.HttpServletRequest request)
          Returns the authenticated entity from the request, or null if there is no authenticated entity.
protected  String getAuthenticationErrorMessage()
           
protected  String getBasicRealm()
           
protected  String getEntityAttributeKey()
           
protected  boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, AbstractBasicAuthenticationFilter.Credentials credentials)
          Decorates the parent behaviour to check also the validity of the token
protected  void setAuthenticatedEntity(javax.servlet.http.HttpServletRequest request, String name)
          Sets the authenticated entity.
 
Methods inherited from class com.atlassian.crowd.plugin.rest.filter.AbstractBasicAuthenticationFilter
destroy, ensureSeraphForwardsRequest, getBasicAuthCredentials, init, respondWithChallenge
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BasicApplicationAuthenticationFilter

public BasicApplicationAuthenticationFilter(ApplicationManager applicationManager,
                                            ClientValidationManager clientValidationManager,
                                            TokenAuthenticationManager tokenAuthenticationManager)
Method Detail

doFilter

public void doFilter(javax.servlet.ServletRequest servletRequest,
                     javax.servlet.ServletResponse servletResponse,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
Throws:
IOException
javax.servlet.ServletException

isAuthenticated

protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                                  AbstractBasicAuthenticationFilter.Credentials credentials)
Decorates the parent behaviour to check also the validity of the token

Overrides:
isAuthenticated in class AbstractBasicAuthenticationFilter
Parameters:
request - HTTP servlet request possibly containing a HttpSession
credentials - credentials sent with the request
Returns:
true is the application is authenticated

getAuthenticatedEntity

protected String getAuthenticatedEntity(javax.servlet.http.HttpServletRequest request)
Returns the authenticated entity from the request, or null if there is no authenticated entity.

Overrides:
getAuthenticatedEntity in class AbstractBasicAuthenticationFilter
Parameters:
request - Request
Returns:
authenticated entity from the request, or null if there is no authenticated entity.

setAuthenticatedEntity

protected void setAuthenticatedEntity(javax.servlet.http.HttpServletRequest request,
                                      String name)
Sets the authenticated entity.

Overrides:
setAuthenticatedEntity in class AbstractBasicAuthenticationFilter
Parameters:
request - Request
name - the name of the authenticated entity

getEntityAttributeKey

protected String getEntityAttributeKey()
Specified by:
getEntityAttributeKey in class AbstractBasicAuthenticationFilter

getAuthenticationErrorMessage

protected String getAuthenticationErrorMessage()
Specified by:
getAuthenticationErrorMessage in class AbstractBasicAuthenticationFilter

getBasicRealm

protected String getBasicRealm()
Specified by:
getBasicRealm in class AbstractBasicAuthenticationFilter
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2014 Atlassian. All Rights Reserved.