Package org.apache.shiro.web.filter.authc
Servlet
Filter
implementations specific to controlling access based on a
subject's authentication status, or those that can execute authentications (log-ins) directly.-
Class Summary Class Description AnonymousFilter Filter that allows access to a path immeidately without performing security checks of any kind.AuthenticatingFilter AnAuthenticationFilter
that is capable of automatically performing an authentication attempt based on the incoming request.AuthenticationFilter Base class for all Filters that require the current user to be authenticated.BasicHttpAuthenticationFilter Requires the requesting user to beauthenticated
for the request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge.BearerHttpAuthenticationFilter Requires the requesting user to beauthenticated
for the request to continue, and if they're not, requires the user to login via the HTTP Bearer protocol-specific challenge.FormAuthenticationFilter Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user to login via by redirecting them to theloginUrl
you configure.LogoutFilter Simple Filter that, upon receiving a request, will immediately log-out the currently executingsubject
and then redirect them to a configuredredirectUrl
.PassThruAuthenticationFilter An authentication filter that redirects the user to the login page when they are trying to access a protected resource.UserFilter Filter that allows access to resources if the accessor is a known user, which is defined as having a known principal.