org.apache.shindig.auth

Class AuthenticationServletFilter

java.lang.Object

org.apache.shindig.common.servlet.InjectedFilter

org.apache.shindig.auth.AuthenticationServletFilter

All Implemented Interfaces:

javax.servlet.Filter

public class AuthenticationServletFilter
extends InjectedFilter

Filter that attempts to authenticate an incoming HTTP request. It uses the guice injected AuthenticationHandlers to try and generate a SecurityToken from the request. Once it finds a non null token it passes that on the chain. If you wish to add a container specific type of auth system simply register an additional handler.

Field Summary

Fields

Modifier and Type	Field and Description
static String	WWW_AUTHENTICATE_HEADER

Fields inherited from class org.apache.shindig.common.servlet.InjectedFilter

injector

Constructor Summary

Constructors

Constructor and Description
AuthenticationServletFilter()

Method Summary

Methods

Modifier and Type	Method and Description
void	destroy()
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
protected String	getRealm(javax.servlet.http.HttpServletRequest request) Override this to return container server specific realm.
protected void	onError(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, AuthenticationHandler.InvalidAuthenticationException iae) Override this to perform extra error processing.
protected void	onRedirect(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, AuthenticationHandler.InvalidAuthenticationException iae) Override this to perform extra processing on redirect.
void	setAuthenticationHandlers(List<AuthenticationHandler> handlers)
void	setAuthenticationRealm(String realm)

Methods inherited from class org.apache.shindig.common.servlet.InjectedFilter

init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

WWW_AUTHENTICATE_HEADER

public static final String WWW_AUTHENTICATE_HEADER

See Also:

Constant Field Values

Constructor Detail

AuthenticationServletFilter

public AuthenticationServletFilter()

Method Detail

setAuthenticationRealm

@Inject(optional=true)
public void setAuthenticationRealm(String realm)

setAuthenticationHandlers

@Inject
public void setAuthenticationHandlers(List<AuthenticationHandler> handlers)

destroy

public void destroy()

doFilter

public void doFilter(javax.servlet.ServletRequest request,
            javax.servlet.ServletResponse response,
            javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Throws:

IOException

javax.servlet.ServletException

getRealm

protected String getRealm(javax.servlet.http.HttpServletRequest request)

Override this to return container server specific realm.

Returns:

The authentication realm for this server.

onError

protected void onError(javax.servlet.http.HttpServletRequest req,
           javax.servlet.http.HttpServletResponse resp,
           AuthenticationHandler.InvalidAuthenticationException iae)
                throws IOException

Override this to perform extra error processing. Headers will have already been set on the response.

Parameters:

req - the current http request for this filter

resp - the current http response for this filter

iae - the exception that caused the error path

Throws:

IOException

onRedirect

protected void onRedirect(javax.servlet.http.HttpServletRequest req,
              javax.servlet.http.HttpServletResponse resp,
              AuthenticationHandler.InvalidAuthenticationException iae)
                   throws IOException

Override this to perform extra processing on redirect. Headers will have already been set on the response.

Parameters:

req - the current http request for this filter

resp - the current http response for this filter

iae - the exception that caused the redirect path

Throws:

IOException