Class ODLHttpAuthenticationFilter
- java.lang.Object
-
- org.apache.shiro.web.servlet.ServletContextSupport
-
- org.apache.shiro.web.servlet.AbstractFilter
-
- org.apache.shiro.web.servlet.NameableFilter
-
- org.apache.shiro.web.servlet.OncePerRequestFilter
-
- org.apache.shiro.web.servlet.AdviceFilter
-
- org.apache.shiro.web.filter.PathMatchingFilter
-
- org.apache.shiro.web.filter.AccessControlFilter
-
- org.apache.shiro.web.filter.authc.AuthenticationFilter
-
- org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
- org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
-
- org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.apache.shiro.util.Nameable
,org.apache.shiro.web.filter.PathConfigProcessor
public class ODLHttpAuthenticationFilter extends org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
ExtendsBasicHttpAuthenticationFilter
to include ability to authenticate OAuth2 tokens.This behavior is enabled by default for backwards compatibility. To disable OAuth2 functionality, just comment out the following line from the
etc/shiro.ini
file:authcBasic = ODLHttpAuthenticationFilter
then restart the karaf container.
-
-
Field Summary
Fields Modifier and Type Field Description protected static String
AUTHENTICATE_HEADER
protected static String
AUTHORIZATION_HEADER
protected static String
BEARER_SCHEME
protected static String
OPTIONS_HEADER
-
Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter
DEFAULT_SUCCESS_URL
-
Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
-
Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
appliedPaths, pathMatcher
-
-
Constructor Summary
Constructors Constructor Description ODLHttpAuthenticationFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String
getApplicationName()
String
getAuthcScheme()
protected String
getAuthzHeader(javax.servlet.ServletRequest arg0)
String
getAuthzScheme()
protected String[]
getPrincipalsAndCredentials(String scheme, String encoded)
protected String[]
getPrincipalsAndCredentials(String arg0, javax.servlet.ServletRequest arg1)
protected boolean
isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)
protected boolean
isLoginAttempt(String authzHeader)
protected boolean
isLoginAttempt(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
protected boolean
isLoginRequest(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
protected boolean
onAccessDenied(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
protected boolean
sendChallenge(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
void
setApplicationName(String arg0)
void
setAuthcScheme(String arg0)
void
setAuthzScheme(String arg0)
-
Methods inherited from class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
createToken
-
Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter
cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe, onLoginFailure, onLoginSuccess
-
Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter
getSuccessUrl, issueSuccessRedirect, setSuccessUrl
-
Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
getLoginUrl, getSubject, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl
-
Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig
-
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, doFilterInternal, executeChain, postHandle
-
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, isFilterOncePerRequest, setEnabled, setFilterOncePerRequest, shouldNotFilter
-
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
-
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
-
-
-
-
Field Detail
-
BEARER_SCHEME
protected static final String BEARER_SCHEME
- See Also:
- Constant Field Values
-
OPTIONS_HEADER
protected static final String OPTIONS_HEADER
- See Also:
- Constant Field Values
-
AUTHORIZATION_HEADER
protected static final String AUTHORIZATION_HEADER
- See Also:
- Constant Field Values
-
AUTHENTICATE_HEADER
protected static final String AUTHENTICATE_HEADER
- See Also:
- Constant Field Values
-
-
Method Detail
-
getPrincipalsAndCredentials
protected String[] getPrincipalsAndCredentials(String scheme, String encoded)
- Overrides:
getPrincipalsAndCredentials
in classorg.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
-
isLoginAttempt
protected boolean isLoginAttempt(String authzHeader)
-
isAccessAllowed
protected boolean isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)
-
getApplicationName
public String getApplicationName()
-
setApplicationName
public void setApplicationName(String arg0)
-
getAuthzScheme
public String getAuthzScheme()
-
setAuthzScheme
public void setAuthzScheme(String arg0)
-
getAuthcScheme
public String getAuthcScheme()
-
setAuthcScheme
public void setAuthcScheme(String arg0)
-
onAccessDenied
protected boolean onAccessDenied(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1) throws Exception
- Specified by:
onAccessDenied
in classorg.apache.shiro.web.filter.AccessControlFilter
- Throws:
Exception
-
isLoginAttempt
protected boolean isLoginAttempt(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
-
isLoginRequest
protected final boolean isLoginRequest(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
- Overrides:
isLoginRequest
in classorg.apache.shiro.web.filter.AccessControlFilter
-
getAuthzHeader
protected String getAuthzHeader(javax.servlet.ServletRequest arg0)
-
sendChallenge
protected boolean sendChallenge(javax.servlet.ServletRequest arg0, javax.servlet.ServletResponse arg1)
-
-