Package org.apache.shiro.cas
Class CasFilter
- java.lang.Object
-
- All Implemented Interfaces:
Filter
,Nameable
,PathConfigProcessor
@Deprecated public class CasFilter extends AuthenticatingFilter
Deprecated.replaced with Shiro integration in buji-pac4j.This filter validates the CAS service ticket to authenticate the user. It must be configured on the URL recognized by the CAS server. For example, inshiro.ini
:[main] casFilter = org.apache.shiro.cas.CasFilter ... [urls] /shiro-cas = casFilter ...
(example : http://host:port/mycontextpath/shiro-cas)- Since:
- 1.2
- See Also:
- buji-pac4j
-
-
Field Summary
-
Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter
PERMISSIVE
-
Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter
DEFAULT_SUCCESS_URL
-
Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
-
Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
appliedPaths, pathMatcher
-
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
-
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
-
-
Constructor Summary
Constructors Constructor Description CasFilter()
Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected AuthenticationToken
createToken(ServletRequest request, ServletResponse response)
Deprecated.The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).protected boolean
isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
Deprecated.Returnsfalse
to always force authentication (user is never considered authenticated by this filter).protected boolean
onAccessDenied(ServletRequest request, ServletResponse response)
Deprecated.Execute login by creatingtoken
and logging subject with this token.protected boolean
onLoginFailure(AuthenticationToken token, AuthenticationException ae, ServletRequest request, ServletResponse response)
Deprecated.If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.protected boolean
onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
Deprecated.If login has been successful, redirect user to the original protected url.void
setFailureUrl(String failureUrl)
Deprecated.-
Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter
cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe
-
Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter
getSuccessUrl, issueSuccessRedirect, setSuccessUrl
-
Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl
-
Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig
-
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, doFilterInternal, executeChain, postHandle
-
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
-
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
-
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
-
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
-
-
-
-
Constructor Detail
-
CasFilter
public CasFilter()
Deprecated.
-
-
Method Detail
-
createToken
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception
Deprecated.The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).- Specified by:
createToken
in classAuthenticatingFilter
- Parameters:
request
- the incoming requestresponse
- the outgoing response- Throws:
Exception
- if there is an error processing the request.
-
onAccessDenied
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception
Deprecated.Execute login by creatingtoken
and logging subject with this token.- Specified by:
onAccessDenied
in classAccessControlFilter
- Parameters:
request
- the incoming requestresponse
- the outgoing response- Returns:
true
if the request should continue to be processed; false if the subclass will handle/render the response directly.- Throws:
Exception
- if there is an error processing the request.
-
isAccessAllowed
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
Deprecated.Returnsfalse
to always force authentication (user is never considered authenticated by this filter).- Overrides:
isAccessAllowed
in classAuthenticatingFilter
- Parameters:
request
- the incoming requestresponse
- the outgoing responsemappedValue
- the filter-specific config value mapped to this filter in the URL rules mappings.- Returns:
false
-
onLoginSuccess
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception
Deprecated.If login has been successful, redirect user to the original protected url.- Overrides:
onLoginSuccess
in classAuthenticatingFilter
- Parameters:
token
- the token representing the current authenticationsubject
- the current authenticated subjetrequest
- the incoming requestresponse
- the outgoing response- Throws:
Exception
- if there is an error processing the request.
-
onLoginFailure
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException ae, ServletRequest request, ServletResponse response)
Deprecated.If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.- Overrides:
onLoginFailure
in classAuthenticatingFilter
- Parameters:
token
- the token representing the current authenticationae
- the current authentication exceptionrequest
- the incoming requestresponse
- the outgoing response
-
setFailureUrl
public void setFailureUrl(String failureUrl)
Deprecated.
-
-