public class DynamicAuthenticationFilter
extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter
NegotiateAuthenticationStrategy
, this filter can be used to
allow a client to choose which authentication filter is used at runtime. This filter assumes the shiro.ini is
configured with both the NegotiateAuthenticationRealm
and some User/Password Realm
like: GroupMappingWaffleRealm
.
Requires use of NegotiateAuthenticationStrategy
when more than one realm is configured
in shiro.ini (which should be the case for multiple authentication type options).
To use NegotiateAuthenticationRealm
, the client must pass the parameter
PARAM_NAME_AUTHTYPE
with a value of PARAM_VAL_AUTHTYPE_NEGOTIATE
.
Example shiro.ini snippet below:
# ======================= # Shiro INI configuration # ======================= [main] # Setup custom AuthenticationRealm waffleRealmSSO = waffle.shiro.negotiate.NegotiateAuthenticationRealm waffleUserPass = waffle.shiro.GroupMappingWaffleRealm securityManager.realms = $waffleRealmSSO, $waffleUserPass # Use the configured native session manager: sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager securityManager.sessionManager = $sessionManager # the following call is only necessary in a web-configured ShiroFilter (otherwise # a native session manager is already enabled): securityManager.sessionMode = native # cookie for single sign on cookie = org.apache.shiro.web.servlet.SimpleCookie cookie.name = SSOcookie cookie.path = / securityManager.sessionManager.sessionIdCookie = $cookie authcStrategy = waffle.shiro.negotiate.NegotiateAuthenticationStrategy securityManager.authenticator.authenticationStrategy = $authcStrategy # Waffle filter waffleFilter = waffle.shiro.dynamic.DynamicAuthenticationFilter #Configure filter chains and filter parameters authc.loginUrl = /login.jsp waffleFilter.loginUrl = /login.jsp logout.redirectUrl = login.jsp ... [urls] # The 'urls' section is used for url-based security /logout = logout /* = waffleFilter
Modifier and Type | Field and Description |
---|---|
static String |
PARAM_NAME_AUTHTYPE
The Constant PARAM_NAME_AUTHTYPE.
|
static String |
PARAM_VAL_AUTHTYPE_NEGOTIATE
The Constant PARAM_VAL_AUTHTYPE_NEGOTIATE.
|
DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, DEFAULT_PASSWORD_PARAM, DEFAULT_REMEMBER_ME_PARAM, DEFAULT_USERNAME_PARAM
DEFAULT_SUCCESS_URL
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
appliedPaths, pathMatcher
Constructor and Description |
---|
DynamicAuthenticationFilter() |
Modifier and Type | Method and Description |
---|---|
protected boolean |
executeLogin(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
Call
AccessControlFilter.onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
for the user selected authentication type, which performs login logic. |
createToken, getFailureKeyAttribute, getPassword, getPasswordParam, getRememberMeParam, getUsername, getUsernameParam, isLoginSubmission, isRememberMe, onAccessDenied, onLoginFailure, onLoginSuccess, setFailureAttribute, setFailureKeyAttribute, setLoginUrl, setPasswordParam, setRememberMeParam, setUsernameParam
cleanup, createToken, createToken, getHost, isAccessAllowed, isPermissive
getSuccessUrl, issueSuccessRedirect, setSuccessUrl
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig
afterCompletion, doFilterInternal, executeChain, postHandle
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
getName, setName, toStringBuilder
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
public static final String PARAM_NAME_AUTHTYPE
public static final String PARAM_VAL_AUTHTYPE_NEGOTIATE
protected boolean executeLogin(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response) throws Exception
AccessControlFilter.onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
for the user selected authentication type, which performs login logic.
executeLogin
in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
Exception
Copyright © 2010–2015 com.github.dblock. All rights reserved.