Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.talika.tarsis.filters.security
Class LoginFilter

java.lang.Object
  extended by org.talika.tarsis.filters.AbstractFilter
      extended by org.talika.tarsis.filters.CommandFilter
          extended by org.talika.tarsis.filters.security.LoginFilter
All Implemented Interfaces:
javax.servlet.Filter
public final class LoginFilter
extends CommandFilter

Login filter checks if client's request has a valid security session and if not tries to authenticate client.

Version:
$Revision: 269 $
Author:
Jose M. Palomar

Field Summary
static java.lang.String LOGIN_PAGE_PARAM
          Login page parameter name.
static java.lang.String LOGIN_TRIES_PARAM
          Number login of tries parameter name.
 
Constructor Summary
LoginFilter()
           
 
Method Summary
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
          Checks if client's request has a valid security session and if not tries to authenticate client.
 void init(javax.servlet.FilterConfig filterConfig)
          Called by the web container to indicate to a filter that it is being placed into service.
protected  void processLogin(javax.servlet.http.HttpServletRequest request, java.lang.String username, java.lang.String password)
          Tries to log client using username and password.
 
Methods inherited from class org.talika.tarsis.filters.CommandFilter
destroy, findCommand, getCommandFactory
 
Methods inherited from class org.talika.tarsis.filters.AbstractFilter
getContext, getFilterConfig, getLogger
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

LOGIN_PAGE_PARAM

public static final java.lang.String LOGIN_PAGE_PARAM
Login page parameter name.

See Also:
Constant Field Values

LOGIN_TRIES_PARAM

public static final java.lang.String LOGIN_TRIES_PARAM
Number login of tries parameter name.

See Also:
Constant Field Values
Constructor Detail

LoginFilter

public LoginFilter()
Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
Called by the web container to indicate to a filter that it is being placed into service.

Initialization consits in:
  1. Calling super int method.
  2. Retrieves login page parameter.
  3. Retrieves login tries parameter.
  4. Stores in a local variable authenticator instance.
  5. Stores in a local variable authorizator instance.
  6. Stores in a local variable security session manager instance.

Specified by:
init in interface javax.servlet.Filter
Overrides:
init in class CommandFilter
Parameters:
filterConfig - FilterConfig filter configutarion.
Throws:
javax.servlet.ServletException - if an exception has occurred that interferes with the filter's normal operation
See Also:
Filter.init(FilterConfig)

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
Checks if client's request has a valid security session and if not tries to authenticate client.

Filter checks if command is restricted, then checks if there is a valid security session, if there is continue with next filter in chain.
If not saves current request for later resume and forwards to login page. In next invocation obtains username and password from login request and tries to authenticate client with them. Repeats proccess number of times in login tries. If authentication is valid resumes saved request.

Specified by:
doFilter in interface javax.servlet.Filter
Specified by:
doFilter in class AbstractFilter
Parameters:
request - ServletRequest the ServletRequest object that contains the client's request.
response - ServletResponse the ServletResponse object that contains the servlet's response.
chain - FilterChain invocation chain of filtered request.
Throws:
java.io.IOException - if an input or output exception occurs
javax.servlet.ServletException - if an exception has occurred that interferes with the filter's normal operation
See Also:
Filter.doFilter(ServletRequest, ServletResponse, FilterChain)

processLogin

protected void processLogin(javax.servlet.http.HttpServletRequest request,
                            java.lang.String username,
                            java.lang.String password)
                     throws AuthenticationFailedException
Tries to log client using username and password. If authentication is correct creates a new SecuritySession and stores it in client's HttpSession.

Parameters:
request - HttpServletRequest client's request.
username - String user name.
password - String user password.
Throws:
AuthenticationFailedException - if can't authenticate user using given username and passowrd.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2002-2012 Talika Open Source Group. All Rights Reserved.