Package sonia.scm.web.filter
Class AuthenticationFilter
java.lang.Object
sonia.scm.web.filter.HttpFilter
sonia.scm.web.filter.AuthenticationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
- Direct Known Subclasses:
HttpProtocolServletAuthenticationFilterBase
Handles authentication, if a one of the
WebTokenGenerator
returns
an AuthenticationToken
.- Since:
- 2.0.0
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionAuthenticationFilter
(ScmConfiguration configuration, Set<WebTokenGenerator> tokenGenerators) Constructs a new basic authenticaton filter. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilter
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) Handles authentication, if a one of theWebTokenGenerator
returns anAuthenticationToken
.protected void
handleTokenExpiredException
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, TokenExpiredException tokenExpiredException) protected void
handleTokenValidationFailedException
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, TokenValidationFailedException tokenValidationFailedException) protected void
handleUnauthorized
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) Sends status code 401 back to client, if the authentication has failed.protected boolean
Returnstrue
if anonymous access is enabled.protected void
sendFailedAuthenticationError
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Sends an error for a failed authentication back to client.protected void
sendUnauthorizedError
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Sends an unauthorized error back to client.Methods inherited from class sonia.scm.web.filter.HttpFilter
destroy, doFilter, init
-
Field Details
-
configuration
-
-
Constructor Details
-
AuthenticationFilter
@Inject public AuthenticationFilter(ScmConfiguration configuration, Set<WebTokenGenerator> tokenGenerators) Constructs a new basic authenticaton filter.- Parameters:
configuration
- scm-manager global configurationtokenGenerators
- web token generators
-
-
Method Details
-
doFilter
protected void doFilter(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException Handles authentication, if a one of theWebTokenGenerator
returns anAuthenticationToken
.- Specified by:
doFilter
in classHttpFilter
- Parameters:
request
- servlet requestresponse
- servlet responsechain
- filter chain- Throws:
IOException
jakarta.servlet.ServletException
-
handleUnauthorized
protected void handleUnauthorized(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException Sends status code 401 back to client, if the authentication has failed. In all other cases the method will send status code 403 back to client.- Parameters:
request
- servlet requestresponse
- servlet responsechain
- filter chain- Throws:
IOException
jakarta.servlet.ServletException
- Since:
- 1.8
-
sendFailedAuthenticationError
protected void sendFailedAuthenticationError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException Sends an error for a failed authentication back to client.- Parameters:
request
- http requestresponse
- http response- Throws:
IOException
-
sendUnauthorizedError
protected void sendUnauthorizedError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException Sends an unauthorized error back to client.- Parameters:
request
- http requestresponse
- http response- Throws:
IOException
-
handleTokenExpiredException
protected void handleTokenExpiredException(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, TokenExpiredException tokenExpiredException) throws IOException, jakarta.servlet.ServletException - Throws:
IOException
jakarta.servlet.ServletException
-
handleTokenValidationFailedException
protected void handleTokenValidationFailedException(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, TokenValidationFailedException tokenValidationFailedException) throws IOException, jakarta.servlet.ServletException - Throws:
IOException
jakarta.servlet.ServletException
-
isAnonymousAccessEnabled
protected boolean isAnonymousAccessEnabled()Returnstrue
if anonymous access is enabled.
-