|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.alfresco.repo.webdav.auth.BaseAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
public abstract class BaseSSOAuthenticationFilter
Base class with common code and initialisation for single signon authentication filters.
Field Summary | |
---|---|
protected static java.lang.String |
MIME_HTML_TEXT
|
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService |
Constructor Summary | |
---|---|
BaseSSOAuthenticationFilter()
|
Method Summary | |
---|---|
void |
afterPropertiesSet()
|
protected boolean |
allowsTicketLogons()
Check if ticket based logons are allowed |
protected boolean |
checkForTicketParameter(javax.servlet.ServletContext servletContext,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Check if the request has specified a ticket parameter to bypass the standard authentication. |
void |
doFilter(javax.servlet.ServletContext context,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
The doFilter method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. |
protected java.lang.String |
getLoginPage()
Return the login page address |
protected org.alfresco.jlan.server.config.SecurityConfigSection |
getSecurityConfigSection()
|
protected java.lang.String |
getServerName()
Because the file server configuration may change during the lifetime of this filter, this method checks against the last configured server name before returning a cached result |
protected boolean |
hasLoginPage()
Determine if the login page is available |
protected void |
init()
Initializes the filter. |
boolean |
isActive()
|
protected boolean |
isNTLMSSPBlob(byte[] byts,
int offset)
Check if a security blob starts with the NTLMSSP signature |
protected java.lang.String |
mapClientAddressToDomain(java.lang.String clientIP)
Map a client IP address to a domain |
protected boolean |
onLoginComplete(javax.servlet.ServletContext sc,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res,
boolean userInit)
Callback executed on completion of NTLM login |
protected void |
onValidate(javax.servlet.ServletContext sc,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Callback executed on successful ticket validation during Type3 Message processing. |
protected void |
onValidateFailed(javax.servlet.ServletContext sc,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res,
javax.servlet.http.HttpSession session)
Callback executed on failed authentication of a user ticket during Type3 Message processing |
protected void |
redirectToLoginPage(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Redirect to the login page |
void |
setActive(boolean active)
Activates or deactivates the bean |
protected void |
setLoginPage(java.lang.String loginPage)
Set the login page address |
void |
setServerConfiguration(org.alfresco.filesys.ExtendedServerConfigurationAccessor serverConfiguration)
|
void |
setTicketLogons(boolean ticketsAllowed)
Set the ticket based logons allowed flag |
protected void |
writeLoginPageLink(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Writes link to login page and refresh tag which cause user to be redirected to the login page. |
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter |
---|
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.alfresco.repo.webdav.auth.AuthenticationDriver |
---|
authenticateRequest, restartLoginChallenge |
Field Detail |
---|
protected static final java.lang.String MIME_HTML_TEXT
Constructor Detail |
---|
public BaseSSOAuthenticationFilter()
Method Detail |
---|
public void setServerConfiguration(org.alfresco.filesys.ExtendedServerConfigurationAccessor serverConfiguration)
serverConfiguration
- the serverConfiguration to setpublic final void setActive(boolean active)
active
- true
if the bean is active and initialization should completepublic final boolean isActive()
isActive
in interface org.alfresco.repo.management.subsystems.ActivateableBean
public final void afterPropertiesSet() throws javax.servlet.ServletException
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletContext context, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
DependencyInjectedFilter
doFilter
method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed
in to this method allows the Filter to pass on the request and response to the next entity in the chain.
A typical implementation of this method would follow the following pattern:-
1. Examine the request
2. Optionally wrap the request object with a custom implementation to filter content or headers for input
filtering
3. Optionally wrap the response object with a custom implementation to filter content or headers for output
filtering
4. a) Either invoke the next entity in the chain using the FilterChain object (
chain.doFilter()
),
4. b) or not pass on the request/response pair to the next entity in the filter chain to block
the request processing
5. Directly set headers on the response after invocation of the next entity in the filter chain.
doFilter
in interface DependencyInjectedFilter
java.io.IOException
javax.servlet.ServletException
protected void init() throws javax.servlet.ServletException
BaseSSOAuthenticationFilter.isActive()
. Subclasses
should override.
javax.servlet.ServletException
protected void onValidate(javax.servlet.ServletContext sc, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
sc
- the servlet contextreq
- the requestres
- the responseprotected void onValidateFailed(javax.servlet.ServletContext sc, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, javax.servlet.http.HttpSession session) throws java.io.IOException
sc
- the servlet contextreq
- HttpServletRequestres
- HttpServletResponsesession
- HttpSession
java.io.IOException
protected boolean onLoginComplete(javax.servlet.ServletContext sc, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, boolean userInit) throws java.io.IOException
req
- HttpServletRequestres
- HttpServletResponse
java.io.IOException
protected final java.lang.String mapClientAddressToDomain(java.lang.String clientIP)
clientIP
- String
protected boolean checkForTicketParameter(javax.servlet.ServletContext servletContext, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
servletContext
- the servlet contextreq
- the requestresp
- the response
protected void redirectToLoginPage(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws java.io.IOException
req
- HttpServletRequestreq
- HttpServletResponse
java.io.IOException
protected final boolean hasLoginPage()
protected final java.lang.String getLoginPage()
protected final void setLoginPage(java.lang.String loginPage)
loginPage
- Stringprotected final boolean allowsTicketLogons()
public final void setTicketLogons(boolean ticketsAllowed)
ticketsAllowed
- booleanprotected final boolean isNTLMSSPBlob(byte[] byts, int offset)
byts
- byte[]offset
- int
protected java.lang.String getServerName()
protected org.alfresco.jlan.server.config.SecurityConfigSection getSecurityConfigSection()
protected void writeLoginPageLink(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws java.io.IOException
resp
- HttpServletResponsehttpSess
- HttpSession
java.io.IOException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |