public abstract class AbstractTokenAuthFilter extends Object implements javax.servlet.Filter
AuthenticationService
to authenticate the request
by validating the token, expected to be present as a value of the header
parameter AuthConstants.TOKEN
.
Upon successful validation, all authentication data will be injected into
the request as parameters and will be passed downstream. This
authentication data includes information such as domain, user and user
roles. The AuthConstants.AUTH_IDENTITY_STATUS
request parameter will be set to
AuthConstants.AUTH_IDENTITY_CONFIRMED
.
If token validation fails, or if no token is present, the
AuthConstants.AUTH_IDENTITY_STATUS
request
parameter will be set to
AuthConstants.AUTH_IDENTITY_INVALID
. It is up
to the downstream filter to allow an invalid identity status or not.
Modifier | Constructor and Description |
---|---|
protected |
AbstractTokenAuthFilter(org.slf4j.Logger log) |
Modifier and Type | Method and Description |
---|---|
protected abstract AuthenticationService |
authenticator()
Get the authenticator to be used for validating the token.
|
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse resp,
javax.servlet.FilterChain chain) |
void |
init(javax.servlet.FilterConfig filterConfig) |
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void destroy()
destroy
in interface javax.servlet.Filter
protected abstract AuthenticationService authenticator()
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse resp, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
Copyright © 2015. All Rights Reserved.