Package org.opendaylight.aaa.shiro.filters

Class ODLHttpAuthenticationFilter

  • All Implemented Interfaces:
    javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor
    public class ODLHttpAuthenticationFilter
extends org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
    Extends BasicHttpAuthenticationFilter to include ability to authenticate OAuth2 tokens.

    This behavior is enabled by default for backwards compatibility. To disable OAuth2 functionality, just comment out the following line from the etc/shiro.ini file: authcBasic = ODLHttpAuthenticationFilter then restart the karaf container.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected static String AUTHENTICATE_HEADER  
      protected static String AUTHORIZATION_HEADER  
      protected static String BEARER_SCHEME  
      protected static String OPTIONS_HEADER  

      • Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

        PERMISSIVE

      • Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

        DEFAULT_SUCCESS_URL

      • Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter

        DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD

      • Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter

        appliedPaths, pathMatcher

      • Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

        ALREADY_FILTERED_SUFFIX

      • Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter

        filterConfig

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      String getApplicationName()  
      String getAuthcScheme()  
      protected String getAuthzHeader​(javax.servlet.ServletRequest arg0)  
      String getAuthzScheme()  
      protected String[] getPrincipalsAndCredentials​(String scheme, String encoded)  
      protected String[] getPrincipalsAndCredentials​(String arg0, javax.servlet.ServletRequest arg1)  
      protected boolean isAccessAllowed​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)  
      protected boolean isLoginAttempt​(String authzHeader)  
      protected boolean isLoginAttempt​(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)  
      protected boolean isLoginRequest​(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)  
      protected boolean onAccessDenied​(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)  
      protected boolean sendChallenge​(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)  
      void setApplicationName​(String arg0)  
      void setAuthcScheme​(String arg0)  
      void setAuthzScheme​(String arg0)  

      • Methods inherited from class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter

        createToken

      • Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

        cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe, onLoginFailure, onLoginSuccess

      • Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

        getSuccessUrl, issueSuccessRedirect, setSuccessUrl

      • Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter

        getLoginUrl, getSubject, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl

      • Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter

        getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig

      • Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter

        afterCompletion, doFilterInternal, executeChain, postHandle

      • Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

        doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, isFilterOncePerRequest, setEnabled, setFilterOncePerRequest, shouldNotFilter

      • Methods inherited from class org.apache.shiro.web.servlet.NameableFilter

        getName, setName, toStringBuilder

      • Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter

        destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

      • Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport

        getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

    • Constructor Detail

      • ODLHttpAuthenticationFilter

        public ODLHttpAuthenticationFilter()

    • Method Detail

      • getPrincipalsAndCredentials

        protected String[] getPrincipalsAndCredentials​(String scheme,
                                               String encoded)
        Overrides:
        getPrincipalsAndCredentials in class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter

      • isLoginAttempt

        protected boolean isLoginAttempt​(String authzHeader)

      • isAccessAllowed

        protected boolean isAccessAllowed​(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  Object mappedValue)

      • getApplicationName

        public String getApplicationName()

      • setApplicationName

        public void setApplicationName​(String arg0)

      • getAuthzScheme

        public String getAuthzScheme()

      • setAuthzScheme

        public void setAuthzScheme​(String arg0)

      • getAuthcScheme

        public String getAuthcScheme()

      • setAuthcScheme

        public void setAuthcScheme​(String arg0)

      • onAccessDenied

        protected boolean onAccessDenied​(javax.servlet.ServletRequest arg0,
                                 javax.servlet.ServletResponse arg1)
                          throws Exception
        Specified by:
        onAccessDenied in class org.apache.shiro.web.filter.AccessControlFilter
        Throws:
        Exception

      • isLoginAttempt

        protected boolean isLoginAttempt​(javax.servlet.ServletRequest arg0,
                                 javax.servlet.ServletResponse arg1)

      • isLoginRequest

        protected final boolean isLoginRequest​(javax.servlet.ServletRequest arg0,
                                       javax.servlet.ServletResponse arg1)
        Overrides:
        isLoginRequest in class org.apache.shiro.web.filter.AccessControlFilter

      • getAuthzHeader

        protected String getAuthzHeader​(javax.servlet.ServletRequest arg0)

      • sendChallenge

        protected boolean sendChallenge​(javax.servlet.ServletRequest arg0,
                                javax.servlet.ServletResponse arg1)

      • getPrincipalsAndCredentials

        protected String[] getPrincipalsAndCredentials​(String arg0,
                                               javax.servlet.ServletRequest arg1)