net.ltgt.oidc.servlet.UserFilter

All Implemented Interfaces:: Filter, FilterConfig, Serializable

public class UserFilter extends HttpFilter

Checks whether the user is authenticated.

Initializes the request's getUserPrincipal() and getRemoteUser(), and implements its isUserInRole(String) for other filters and servlets down the chain. The user principal will be created by a UserPrincipalFactory present in the ServletContext.

Invalidates the HttpSession if a LoggedOutSessionStore is present in the ServletContext and the session has been recorded as logged out on the OpenID Provider through the OpenID Connect Back-Channel Logout protocol.

See Also:

Constructor Summary

Constructors

Constructor

Description

UserFilter()

UserFilter(UserPrincipalFactory userPrincipalFactory)

Constructs a filter with the given UserPrincipal factory and no logged-out session store.

UserFilter(UserPrincipalFactory userPrincipalFactory, @Nullable LoggedOutSessionStore loggedOutSessionStore)

Constructs a filter with the given UserPrincipal factory and (optional) logged-out session store.
Method Summary

Modifier and Type

Method

Description

protected void

doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain)

void

init()

Methods inherited from class jakarta.servlet.http.HttpFilter
doFilter

Methods inherited from class jakarta.servlet.GenericFilter
getFilterConfig, getFilterName, getInitParameter, getInitParameterNames, getServletContext, init

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface jakarta.servlet.Filter
destroy

Constructor Details
- UserFilter
  
  public UserFilter()
- UserFilter
  
  public UserFilter(UserPrincipalFactory userPrincipalFactory)
  
  Constructs a filter with the given UserPrincipal factory and no logged-out session store.
  When this constructor is used, the servlet context attributes won't be read.
  This is equivalent to new UserFilter(userPrincipalFactory, null).
- UserFilter
  
  public UserFilter(UserPrincipalFactory userPrincipalFactory, @Nullable LoggedOutSessionStore loggedOutSessionStore)
  
  Constructs a filter with the given UserPrincipal factory and (optional) logged-out session store.
  When this constructor is used, the servlet context attributes won't be read.
Method Details
- init
  
  public void init() throws ServletException
  
  Overrides:
  
  init in class GenericFilter
  
  Throws:
  
  ServletException
- doFilter
  
  protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException
  
  Overrides:
  
  doFilter in class HttpFilter
  
  Throws:
  
  IOException
  
  ServletException

Class UserFilter

Constructor Summary

Method Summary

Methods inherited from class jakarta.servlet.http.HttpFilter

Methods inherited from class jakarta.servlet.GenericFilter

Methods inherited from class java.lang.Object

Methods inherited from interface jakarta.servlet.Filter

Constructor Details

UserFilter

UserFilter

UserFilter

Method Details

init

doFilter