public class ProcessEngineAuthenticationFilter extends Object implements javax.servlet.Filter
Servlet filter to plug in authentication.
Valid init-params:
Parameter | Required | Expected value |
---|---|---|
"authentication-provider" | yes | An implementation of AuthenticationProvider |
"rest-url-pattern-prefix" | no | The expected servlet path. Should only be set, if the underlying JAX-RS application is not deployed as a servlet (e.g. Resteasy allows deployments
as a servlet filter). Value has to match what would be the HttpServletRequest.getServletPath() if it was deployed as a servlet. |
Modifier and Type | Field and Description |
---|---|
static String |
AUTHENTICATION_PROVIDER_PARAM |
protected AuthenticationProvider |
authenticationProvider |
protected static String |
DEFAULT_ENGINE_NAME |
protected static Pattern |
ENGINE_REQUEST_URL_PATTERN |
static String |
SERVLET_PATH_PREFIX |
protected String |
servletPathPrefix |
protected static Pattern[] |
WHITE_LISTED_URL_PATTERNS |
Constructor and Description |
---|
ProcessEngineAuthenticationFilter() |
Modifier and Type | Method and Description |
---|---|
protected void |
clearAuthentication(ProcessEngine engine) |
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
protected String |
extractEngineName(String requestUrl)
May not return null
|
protected ProcessEngine |
getAddressedEngine(String engineName) |
protected List<String> |
getGroupsOfUser(ProcessEngine engine,
String userId) |
protected List<String> |
getTenantsOfUser(ProcessEngine engine,
String userId) |
void |
init(javax.servlet.FilterConfig filterConfig) |
protected boolean |
requiresEngineAuthentication(String requestUrl) |
protected void |
setAuthenticatedUser(ProcessEngine engine,
String userId) |
protected static final Pattern[] WHITE_LISTED_URL_PATTERNS
protected static final Pattern ENGINE_REQUEST_URL_PATTERN
protected static final String DEFAULT_ENGINE_NAME
public static final String AUTHENTICATION_PROVIDER_PARAM
public static final String SERVLET_PATH_PREFIX
protected AuthenticationProvider authenticationProvider
protected String servletPathPrefix
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
public void destroy()
destroy
in interface javax.servlet.Filter
protected void setAuthenticatedUser(ProcessEngine engine, String userId)
protected List<String> getGroupsOfUser(ProcessEngine engine, String userId)
protected List<String> getTenantsOfUser(ProcessEngine engine, String userId)
protected void clearAuthentication(ProcessEngine engine)
protected boolean requiresEngineAuthentication(String requestUrl)
protected ProcessEngine getAddressedEngine(String engineName)
Copyright © 2017. All rights reserved.