LoginFilter (Atlassian Seraph 2.6.1-SNAPSHOT API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.seraph.filter
Class LoginFilter

java.lang.Object
  com.atlassian.seraph.filter.BaseLoginFilter
      com.atlassian.seraph.filter.PasswordBasedLoginFilter
          com.atlassian.seraph.filter.LoginFilter

All Implemented Interfaces:: javax.servlet.Filter

public class LoginFilter
extends PasswordBasedLoginFilter
extends PasswordBasedLoginFilter

This is a filter that logs the user in. It works a little like J2EE form-based seraph, except it looks for the parameters 'os_username' and 'os_password' instead of j_username and j_password.

The form post/get action should be the URL of the login servlet/JSP/action - given by SecurityFilter.LOGIN_URL.

If the parameters exist and authentication is successful, the user will be redirected by the filter to the URL given by the session attribute at SecurityFilter.ORIGINAL_URL_KEY.

If this URL doesn't exist, it will look for a parameter 'os_destination' to use as the redirected URL instead.

If neither is found, it is assumed that the page will check the authorisation status and handle redirection itself.

From the any other filter in the request, or the servlet/JSP/action which processes the request, you can look up the status of the authorisation attempt. The status is a String request attribute, with the key 'os_authstatus'.

The possible statuses are:

LoginFilter.LOGIN_SUCCESS - the login was processed, and user was logged in
LoginFilter.LOGIN_FAILURE - the login was processed, the user gave a bad username or password
LoginFilter.LOGIN_ERROR - the login was processed, an exception occurred trying to log the user in
LoginFilter.LOGIN_NOATTEMPT - the login was no processed, no form parameters existed

Nested Class Summary

Nested classes/interfaces inherited from class com.atlassian.seraph.filter.PasswordBasedLoginFilter
`PasswordBasedLoginFilter.UserPasswordPair`

Field Summary

Fields inherited from class com.atlassian.seraph.filter.BaseLoginFilter
`ALREADY_FILTERED, AUTHENTICATION_ERROR_TYPE, LOGIN_ERROR, LOGIN_FAILED, LOGIN_NOATTEMPT, LOGIN_SUCCESS, OS_AUTHSTATUS_KEY`

Constructor Summary
`LoginFilter()`

Method Summary
`protected PasswordBasedLoginFilter.UserPasswordPair`	`extractUserPasswordPair(javax.servlet.http.HttpServletRequest request)` Returns a username password pair for this request.

Methods inherited from class com.atlassian.seraph.filter.PasswordBasedLoginFilter
`login`

Methods inherited from class com.atlassian.seraph.filter.BaseLoginFilter
`destroy, doFilter, getAuthenticationContext, getAuthenticator, getElevatedSecurityGuard, getFilterConfig, getSecurityConfig, init, isAbsoluteUrl, redirectToOriginalDestination, setFilterConfig`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

LoginFilter

public LoginFilter()

Method Detail

extractUserPasswordPair

protected PasswordBasedLoginFilter.UserPasswordPair extractUserPasswordPair(javax.servlet.http.HttpServletRequest request)

Description copied from class: PasswordBasedLoginFilter

Returns a username password pair for this request. If this request does not contain user credentials - returns null;

Specified by:: extractUserPasswordPair in class PasswordBasedLoginFilter

Parameters:: request - the HTTP request in play
Returns:: user credentials or null