cn.dreampie.common.plugin.shiro

类 MyAuthenticatingFilter

java.lang.Object

org.apache.shiro.web.servlet.ServletContextSupport

org.apache.shiro.web.servlet.AbstractFilter

org.apache.shiro.web.servlet.NameableFilter

org.apache.shiro.web.servlet.OncePerRequestFilter

org.apache.shiro.web.servlet.AdviceFilter

org.apache.shiro.web.filter.PathMatchingFilter

cn.dreampie.common.plugin.shiro.MyAccessControlFilter

cn.dreampie.common.plugin.shiro.MyAuthenticationFilter

cn.dreampie.common.plugin.shiro.MyAuthenticatingFilter

所有已实现的接口:

javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor

直接已知子类:

MyFormAuthenticationFilter

public abstract class MyAuthenticatingFilter
extends MyAuthenticationFilter

An AuthenticationFilter that is capable of automatically performing an authentication attempt based on the incoming request.

从以下版本开始:

0.9

字段概要

字段

限定符和类型	字段和说明
static String	PERMISSIVE

从类继承的字段 cn.dreampie.common.plugin.shiro.MyAuthenticationFilter

DEFAULT_SUCCESS_URL

从类继承的字段 cn.dreampie.common.plugin.shiro.MyAccessControlFilter

DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD

从类继承的字段 org.apache.shiro.web.filter.PathMatchingFilter

appliedPaths, pathMatcher

从类继承的字段 org.apache.shiro.web.servlet.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

从类继承的字段 org.apache.shiro.web.servlet.AbstractFilter

filterConfig

构造器概要

构造器

构造器和说明
MyAuthenticatingFilter()

方法概要

方法

限定符和类型	方法和说明
protected void	cleanup(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Exception existing) Overrides the default behavior to call MyAccessControlFilter.onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object) and swallow the exception if the exception is UnauthenticatedException.
protected abstract CaptchaUsernamePasswordToken	createToken(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
protected CaptchaUsernamePasswordToken	createToken(String username, String password, boolean rememberMe, String host)
protected CaptchaUsernamePasswordToken	createToken(String username, String password, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
protected CaptchaUsernamePasswordToken	createToken(String username, String password, String captcha, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
protected void	doCaptchaValidate(CaptchaUsernamePasswordToken token)
protected boolean	executeLogin(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
protected String	getCaptcha(javax.servlet.ServletRequest request)
protected String	getHost(javax.servlet.ServletRequest request) Returns the host name or IP associated with the current subject.
protected boolean	isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue) Determines whether the current subject should be allowed to make the current request.
protected boolean	isPermissive(Object mappedValue) Returns true if the mappedValue contains the PERMISSIVE qualifier.
protected boolean	isRememberMe(javax.servlet.ServletRequest request) Returns true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise.
protected boolean	onLoginFailure(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException e, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
protected boolean	onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)

从类继承的方法 cn.dreampie.common.plugin.shiro.MyAuthenticationFilter

dynaRedirect, getSuccessUrl, getSuccessUrlMap, issueFailureRedirect, issueSuccessRedirect, setSuccessUrl, setSuccessUrlMap

从类继承的方法 cn.dreampie.common.plugin.shiro.MyAccessControlFilter

getFailureUrl, getFailureUrlMap, getLoginUrl, getLoginUrlMap, getRealFailureUrl, getRealLoginUrl, getSubject, isLoginRequest, onAccessDenied, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setFailureUrl, setFailureUrlMap, setLoginUrl, setLoginUrlMap

从类继承的方法 org.apache.shiro.web.filter.PathMatchingFilter

getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig

从类继承的方法 org.apache.shiro.web.servlet.AdviceFilter

afterCompletion, doFilterInternal, executeChain, postHandle

从类继承的方法 org.apache.shiro.web.servlet.OncePerRequestFilter

doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter

从类继承的方法 org.apache.shiro.web.servlet.NameableFilter

getName, setName, toStringBuilder

从类继承的方法 org.apache.shiro.web.servlet.AbstractFilter

destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

从类继承的方法 org.apache.shiro.web.servlet.ServletContextSupport

getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

字段详细资料

PERMISSIVE

public static final String PERMISSIVE

另请参阅:

常量字段值

构造器详细资料

MyAuthenticatingFilter

public MyAuthenticatingFilter()

方法详细资料

executeLogin

protected boolean executeLogin(javax.servlet.ServletRequest request,
                   javax.servlet.ServletResponse response)
                        throws Exception

抛出:

Exception

createToken

protected abstract CaptchaUsernamePasswordToken createToken(javax.servlet.ServletRequest request,
                                       javax.servlet.ServletResponse response)
                                                     throws Exception

抛出:

Exception

createToken

protected CaptchaUsernamePasswordToken createToken(String username,
                                       String password,
                                       javax.servlet.ServletRequest request,
                                       javax.servlet.ServletResponse response)

createToken

protected CaptchaUsernamePasswordToken createToken(String username,
                                       String password,
                                       boolean rememberMe,
                                       String host)

onLoginSuccess

protected boolean onLoginSuccess(org.apache.shiro.authc.AuthenticationToken token,
                     org.apache.shiro.subject.Subject subject,
                     javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response)
                          throws Exception

抛出:

Exception

onLoginFailure

protected boolean onLoginFailure(org.apache.shiro.authc.AuthenticationToken token,
                     org.apache.shiro.authc.AuthenticationException e,
                     javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response)
                          throws Exception

抛出:

Exception

getHost

protected String getHost(javax.servlet.ServletRequest request)

Returns the host name or IP associated with the current subject. This method is primarily provided for use during construction of an AuthenticationToken. The default implementation merely returns ServletRequest.getRemoteHost().

参数:

request - the incoming ServletRequest

返回:

the InetAddress to associate with the login attempt.

isRememberMe

protected boolean isRememberMe(javax.servlet.ServletRequest request)

Returns true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise. This implementation always returns false and is provided as a template hook to subclasses that support rememberMe logins and wish to determine rememberMe in a custom mannner based on the current request.

参数:

request - the incoming ServletRequest

返回:

true if "rememberMe" should be enabled for the login attempt associated with the current request, false otherwise.

isAccessAllowed

protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                      javax.servlet.ServletResponse response,
                      Object mappedValue)

Determines whether the current subject should be allowed to make the current request. The default implementation returns true if the user is authenticated. Will also return true if the MyAccessControlFilter.isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse) returns false and the "permissive" flag is set.

覆盖:

isAccessAllowed 在类中 MyAuthenticationFilter

参数:

request - the incoming ServletRequest

response - the outgoing ServletResponse

mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.

返回:

true if request should be allowed access

isPermissive

protected boolean isPermissive(Object mappedValue)

Returns true if the mappedValue contains the PERMISSIVE qualifier.

参数:

mappedValue - mappedValue

返回:

true if this filter should be permissive

cleanup

protected void cleanup(javax.servlet.ServletRequest request,
           javax.servlet.ServletResponse response,
           Exception existing)
                throws javax.servlet.ServletException,
                       IOException

Overrides the default behavior to call MyAccessControlFilter.onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object) and swallow the exception if the exception is UnauthenticatedException.

覆盖:

cleanup 在类中 org.apache.shiro.web.servlet.AdviceFilter

抛出:

javax.servlet.ServletException

IOException

getCaptcha

protected String getCaptcha(javax.servlet.ServletRequest request)

createToken

protected CaptchaUsernamePasswordToken createToken(String username,
                                       String password,
                                       String captcha,
                                       javax.servlet.ServletRequest request,
                                       javax.servlet.ServletResponse response)

doCaptchaValidate

protected void doCaptchaValidate(CaptchaUsernamePasswordToken token)