info.magnolia.cms.security
Class BaseSecurityFilter

java.lang.Object
  extended by info.magnolia.cms.filters.AbstractMgnlFilter
      extended by info.magnolia.cms.security.BaseSecurityFilter
All Implemented Interfaces:
MgnlFilter, javax.servlet.Filter
Direct Known Subclasses:
ContentSecurityFilter, URISecurityFilter

public abstract class BaseSecurityFilter
extends AbstractMgnlFilter

Provides basic infrastructure to authenticate request using form or basic realm.

Author:
Sameer Charles $Id: BaseSecurityFilter.java 41137 2011-01-06 18:19:25Z gjoseph $

Constructor Summary
BaseSecurityFilter()
           
 
Method Summary
protected  void doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          In most cases this will provide a standard login mechanism, override this to support other login strategies.
 void doFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)
          Continue with the Magnolia defined filter chain if isAllowed returns true else send an authentication request to the client as configured.
 HttpClientCallback getClientCallback()
           
protected abstract  boolean isAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
           
 void setClientCallback(HttpClientCallback clientCallback)
           
 
Methods inherited from class info.magnolia.cms.filters.AbstractMgnlFilter
acceptsEncoding, acceptsGzipEncoding, addAndVerifyHeader, addBypass, addMapping, bypasses, destroy, doFilter, getBypasses, getDispatching, getMapping, getMappings, getName, headerContains, init, isEnabled, mapsTo, matches, matchesDispatching, setDispatching, setEnabled, setName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BaseSecurityFilter

public BaseSecurityFilter()
Method Detail

doFilter

public void doFilter(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
Continue with the Magnolia defined filter chain if isAllowed returns true else send an authentication request to the client as configured.

Specified by:
doFilter in class AbstractMgnlFilter
Throws:
IOException
javax.servlet.ServletException

isAllowed

protected abstract boolean isAllowed(javax.servlet.http.HttpServletRequest request,
                                     javax.servlet.http.HttpServletResponse response)
                              throws IOException
Throws:
IOException

doAuthenticate

protected void doAuthenticate(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
In most cases this will provide a standard login mechanism, override this to support other login strategies.


getClientCallback

public HttpClientCallback getClientCallback()

setClientCallback

public void setClientCallback(HttpClientCallback clientCallback)


Copyright © 2003-2011 Magnolia International Ltd.. All Rights Reserved.