Package org.kuali.rice.krad.web.filter

Class UserLoginFilter

java.lang.Object

org.kuali.rice.krad.web.filter.UserLoginFilter

All Implemented Interfaces:

javax.servlet.Filter

public class UserLoginFilter
extends Object
implements javax.servlet.Filter

A filter for processing user logins and creating a UserSession

Author:

Kuali Rice Team (rice.collab@kuali.org)

See Also:

• UserSession

Constructor Summary

Constructors

Constructor	Description
UserLoginFilter()

Method Summary

Modifier and Type	Method	Description
protected org.kuali.rice.krad.UserSession	createUserSession(javax.servlet.http.HttpServletRequest request, String remoteUser)
void	destroy()
protected void	doFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
protected void	establishSessionCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Creates a session id cookie if one does not exists.
protected void	establishUserSession(javax.servlet.http.HttpServletRequest request)	Checks if a user can be authenticated and if so establishes a UserSession for that user.
protected String	extractRemoteUser(javax.servlet.http.HttpServletRequest request)
protected org.kuali.rice.kim.api.identity.IdentityService	getIdentityService()
protected org.kuali.rice.core.api.config.property.ConfigurationService	getKualiConfigurationService()
protected String	getKualiSessionId(javax.servlet.http.Cookie[] cookies)	gets the kuali session id from an array of cookies.
protected org.kuali.rice.coreservice.framework.parameter.ParameterService	getParameterService()
protected org.kuali.rice.kim.api.permission.PermissionService	getPermissionService()
void	init(javax.servlet.FilterConfig config)
protected boolean	isAuthorizedToLogin(String principalId)	checks if the passed in principalId is authorized to log in.
protected boolean	isRemoteUserPrincpialId()
protected boolean	isRemoteUserSameAsUserSession(org.kuali.rice.krad.UserSession userSession, String remoteUser)
protected void	logDebugInfoAboutUser(String remoteUser, org.kuali.rice.krad.UserSession userSession)
protected void	updateUserSession(org.kuali.rice.krad.UserSession userSession, javax.servlet.http.HttpServletRequest request)	Method to allow local overrides to update the userSession as necessary during each request.
protected void	validatePrincipal(String remoteUser)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

UserLoginFilter

public UserLoginFilter()

Method Details

init

public void init(javax.servlet.FilterConfig config)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest request,
 javax.servlet.ServletResponse response,
 javax.servlet.FilterChain chain)
              throws IOException,
javax.servlet.ServletException

Specified by:

doFilter in interface javax.servlet.Filter

Throws:

IOException

javax.servlet.ServletException

doFilter

protected void doFilter(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response,
 javax.servlet.FilterChain chain)
                 throws IOException,
javax.servlet.ServletException

Throws:

IOException

javax.servlet.ServletException

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter

establishUserSession

protected void establishUserSession(javax.servlet.http.HttpServletRequest request)

Checks if a user can be authenticated and if so establishes a UserSession for that user.

logDebugInfoAboutUser

protected void logDebugInfoAboutUser(String remoteUser,
 org.kuali.rice.krad.UserSession userSession)

isRemoteUserSameAsUserSession

protected boolean isRemoteUserSameAsUserSession(org.kuali.rice.krad.UserSession userSession,
 String remoteUser)

updateUserSession

protected void updateUserSession(org.kuali.rice.krad.UserSession userSession,
 javax.servlet.http.HttpServletRequest request)

Method to allow local overrides to update the userSession as necessary during each request. Defaults to a noop.

validatePrincipal

protected void validatePrincipal(String remoteUser)

isRemoteUserPrincpialId

protected boolean isRemoteUserPrincpialId()

extractRemoteUser

protected String extractRemoteUser(javax.servlet.http.HttpServletRequest request)

createUserSession

protected org.kuali.rice.krad.UserSession createUserSession(javax.servlet.http.HttpServletRequest request,
 String remoteUser)

isAuthorizedToLogin

protected boolean isAuthorizedToLogin(String principalId)

checks if the passed in principalId is authorized to log in.

establishSessionCookie

protected void establishSessionCookie(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)

Creates a session id cookie if one does not exists. Write the cookie out to the response with that session id. Also, sets the cookie on the established user session.

getKualiSessionId

protected String getKualiSessionId(javax.servlet.http.Cookie[] cookies)

gets the kuali session id from an array of cookies. If a session id does not exist returns null.

getIdentityService

protected org.kuali.rice.kim.api.identity.IdentityService getIdentityService()

getPermissionService

protected org.kuali.rice.kim.api.permission.PermissionService getPermissionService()

getKualiConfigurationService

protected org.kuali.rice.core.api.config.property.ConfigurationService getKualiConfigurationService()

getParameterService

protected org.kuali.rice.coreservice.framework.parameter.ParameterService getParameterService()