org.apache.jetspeed.pipeline.valve.AbstractValve
org.apache.jetspeed.security.impl.AbstractSecurityValve
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public abstract class AbstractSecurityValve
AbstractSecurityValve
| Field Summary | |
|---|---|
protected org.apache.jetspeed.administration.PortalAuthenticationConfiguration |
authenticationConfiguration
|
| Fields inherited from interface org.apache.jetspeed.pipeline.valve.SecurityValve |
|---|
IP_ADDRESS |
| Constructor Summary | |
|---|---|
AbstractSecurityValve()
|
|
| Method Summary | |
|---|---|
protected abstract Subject |
getSubject(org.apache.jetspeed.request.RequestContext request)
getSubject |
protected Subject |
getSubjectFromSession(org.apache.jetspeed.request.RequestContext request)
getSubjectFromSession |
protected abstract Principal |
getUserPrincipal(org.apache.jetspeed.request.RequestContext request)
getUserPrincipal |
void |
invoke(org.apache.jetspeed.request.RequestContext request,
org.apache.jetspeed.pipeline.valve.ValveContext context)
invoke |
protected boolean |
isSessionExpired(org.apache.jetspeed.request.RequestContext request)
Check for hard limit session expiration time out |
| Methods inherited from class org.apache.jetspeed.pipeline.valve.AbstractValve |
|---|
initialize |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Methods inherited from interface org.apache.jetspeed.pipeline.valve.Valve |
|---|
initialize |
| Field Detail |
|---|
protected org.apache.jetspeed.administration.PortalAuthenticationConfiguration authenticationConfiguration
| Constructor Detail |
|---|
public AbstractSecurityValve()
| Method Detail |
|---|
protected abstract Subject getSubject(org.apache.jetspeed.request.RequestContext request) throws Exception
getSubject
Should build and return ajavax.security.Subject
request -
Exceptionprotected abstract Principal getUserPrincipal(org.apache.jetspeed.request.RequestContext request) throws Exception
getUserPrincipal
Should build and return ajava.security.Principal that represents the user name
the Subject returned from getSubject()
request -
Exceptionprotected final Subject getSubjectFromSession(org.apache.jetspeed.request.RequestContext request) throws Exception
getSubjectFromSession
request -
null if there is no servlet session attribute defined
for the key org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT.
Exception
public void invoke(org.apache.jetspeed.request.RequestContext request,
org.apache.jetspeed.pipeline.valve.ValveContext context)
throws org.apache.jetspeed.pipeline.PipelineException
invoke
Uses getSubject() to call ValveContext.invokeNext() via
JSSubjectdoAsPrivileged(). This method also takes care of setting the value of
the RequestContext.subject property and the session attribute
org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT
invoke in interface org.apache.jetspeed.pipeline.valve.Valveinvoke in class AbstractValverequest - context -
org.apache.jetspeed.pipeline.PipelineException - if the is an error encountered during any security operations.Valve.invoke(org.apache.jetspeed.request.RequestContext, org.apache.jetspeed.pipeline.valve.ValveContext)
protected boolean isSessionExpired(org.apache.jetspeed.request.RequestContext request)
throws org.apache.jetspeed.pipeline.PipelineException
request -
org.apache.jetspeed.pipeline.PipelineException
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||