weblogic.servlet.security
Class AuthFilter
java.lang.Object
|
+--javax.servlet.GenericServlet
|
+--javax.servlet.http.HttpServlet
|
+--weblogic.servlet.security.AuthFilter
- public abstract class AuthFilter
- extends javax.servlet.http.HttpServlet
An implementation of the AuthFilter interface is called via a
RequestDispatcher.include() from inside the servlet engine
just before and just after Authentication and Authorization.
The use of this class has been deprecated because of the filters
specification that is part of servlet 2.3
To register one of these, inside the weblogic.xml, add the following:
<auth-filter>
classname of implementation
</auth-filter>
- Author:
- Copyright © 2002 BEA Systems, Inc. All Rights Reserved.
- See Also:
- Serialized Form
Field Summary
|
static java.lang.String |
TARGET_URL
WebLogic's Form Authentication implementation stores the target url
in the session against the key TARGET_URL. |
Method Summary
|
void |
doFailAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
Deprecated. |
void |
doPreAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
Deprecated. |
boolean |
doSuccessAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
Deprecated. |
void |
service(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
Deprecated. |
Methods inherited from class javax.servlet.http.HttpServlet |
doDelete,
doGet,
doHead,
doOptions,
doPost,
doPut,
doTrace,
getLastModified,
service |
Methods inherited from class javax.servlet.GenericServlet |
destroy,
getInitParameter,
getInitParameterNames,
getServletConfig,
getServletContext,
getServletInfo,
getServletName,
init,
init,
log,
log |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
TARGET_URL
public static final java.lang.String TARGET_URL
- WebLogic's Form Authentication implementation stores the target url
in the session against the key TARGET_URL. In the past releases the
String was j_target_url, which has been deprecated
AuthFilter
public AuthFilter()
service
public final void service(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
- Deprecated.
- Internal service method which delegates off to the correct do method
depending on what auth state this Request is in.
- Parameters:
request
- ServletRequestresponse
- ServletResponse- Overrides:
- service in class javax.servlet.http.HttpServlet
doPreAuth
public void doPreAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
- Deprecated.
- Called just before Authentication and Authorization occurs in
the WebApplication. In the case of FORM-based auth, this will
be called multiple times as the first attempt is made, then
the login page is requested, and finally as either the real
page or the error page is requested.
- Parameters:
request
- ServletRequestresponse
- ServletResponse
doSuccessAuth
public boolean doSuccessAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
- Deprecated.
- Called just after Authentication and Authorization occurs in
the WebApplication, if the process was a success. Only called
once per auth attempt.
- Parameters:
request
- ServletRequestresponse
- ServletResponse- Returns:
- Boolean which, if made to return false, will override the
successfull authentication and authorization to a failure.
For BASIC and CERT auth, the HTTP 401 Unauthorized response
will be given. For FORM-AUTH, the error page is sent.
doFailAuth
public void doFailAuth(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res)
- Deprecated.
- Called just after Authentication and Authorization occurs in
the WebApplication, if the process was a failure. Only called
once per auth attempt. If Authentication was successfull but
Authorization was not, the getRemoteUser() will return the
correct user name. The originally requested URL can be found
in the session under the key AuthFilter.TARGET_URL. In the past
releases the key was "j_target_url" which has been deprecated.
- Parameters:
request
- ServletRequestresponse
- ServletResponse