HttpAuthFilter (Atlassian Seraph 4.0.2 API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.atlassian.seraph.filter.BaseLoginFilter
- - com.atlassian.seraph.filter.PasswordBasedLoginFilter
  - - com.atlassian.seraph.filter.HttpAuthFilter

All Implemented Interfaces:

javax.servlet.Filter
```
public class HttpAuthFilter
extends PasswordBasedLoginFilter
```
This is a filter that logs the user in. It parses a standard HTTP based authentication requst and logs the user in. At the moment it supports only a BASIC authentication scheme. The simple way of using it manually is to request a URL in the following form: protocol://user:password@host[:port]/path e.g.: https://juancho:sillyPass@bamboo.developer.atlassian.com/
If authentication is successful, the user will be redirected by the filter to the URL given by the session attribute at SecurityFilter.ORIGINAL_URL_KEY.
If this URL doesn't exist, it will look for a parameter 'os_destination' to use as the redirected URL instead.
If neither is found, it is assumed that the page will check the authorisation status and handle redirection itself.
From the any other filter in the request, or the servlet/JSP/action which processes the request, you can look up the status of the authorisation attempt. The status is a String request attribute, with the key 'os_authstatus'.
The possible statuses are:
- LoginFilter.LOGIN_SUCCESS - the login was processed, and user was logged in
- LoginFilter.LOGIN_FAILURE - the login was processed, the user gave a bad username or password
- LoginFilter.LOGIN_ERROR - the login was processed, an exception occurred trying to log the user in
- LoginFilter.LOGIN_NOATTEMPT - the login was no processed, no form parameters existed

Nested Class Summary
- Nested classes/interfaces inherited from class com.atlassian.seraph.filter.PasswordBasedLoginFilter
  PasswordBasedLoginFilter.UserPasswordPair

Field Summary
- Fields inherited from class com.atlassian.seraph.filter.BaseLoginFilter
  AUTHENTICATION_ERROR_TYPE, LOGIN_ERROR, LOGIN_FAILED, LOGIN_NOATTEMPT, LOGIN_SUCCESS, OS_AUTHSTATUS_KEY

Constructor Summary

Constructors
Constructor and Description

HttpAuthFilter()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected PasswordBasedLoginFilter.UserPasswordPair`	`extractUserPasswordPair(javax.servlet.http.HttpServletRequest request)` Returns a username password pair for this request.

Methods inherited from class com.atlassian.seraph.filter.PasswordBasedLoginFilter
login

Methods inherited from class com.atlassian.seraph.filter.BaseLoginFilter
destroy, doFilter, getAuthenticationContext, getAuthenticator, getElevatedSecurityGuard, getSecurityConfig, init, isAbsoluteUrl, redirectToOriginalDestination

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - HttpAuthFilter
```
public HttpAuthFilter()
```
- Method Detail
  - extractUserPasswordPair
```
protected PasswordBasedLoginFilter.UserPasswordPair extractUserPasswordPair(javax.servlet.http.HttpServletRequest request)
```
    Description copied from class: PasswordBasedLoginFilter
    
    Returns a username password pair for this request. If this request does not contain user credentials - returns null;
    
    Specified by:
    
    extractUserPasswordPair in class PasswordBasedLoginFilter
    
    Parameters:
    
    request - the HTTP request in play
    
    Returns:
    
    user credentials or null

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2018 Atlassian. All rights reserved.