WebLogic Server 8.1 API Reference: Class AuthFilter

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

BEA Systems, Inc.

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

WebLogic Server 8.1 API Reference

weblogic.servlet.security
Class AuthFilter

java.lang.Object
  |
  +--javax.servlet.GenericServlet
        |
        +--javax.servlet.http.HttpServlet
              |
              +--weblogic.servlet.security.AuthFilter

public abstract class AuthFilter
extends javax.servlet.http.HttpServlet

An implementation of the AuthFilter interface is called via a RequestDispatcher.include() from inside the servlet engine just before and just after Authentication and Authorization. The use of this class has been deprecated because of the filters specification that is part of servlet 2.3 To register one of these, inside the weblogic.xml, add the following: <auth-filter> classname of implementation </auth-filter>

Author:: Copyright © 2002 BEA Systems, Inc. All Rights Reserved.
See Also:: Serialized Form

Field Summary
`static java.lang.String`	`TARGET_URL` WebLogic's Form Authentication implementation stores the target url in the session against the key TARGET_URL.

Constructor Summary
`AuthFilter()`

Method Summary
`void`	`doFailAuth(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res)` Deprecated.
`void`	`doPreAuth(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res)` Deprecated.
`boolean`	`doSuccessAuth(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res)` Deprecated.
`void`	`service(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)` Deprecated.

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, 
doGet, 
doHead, 
doOptions, 
doPost, 
doPut, 
doTrace, 
getLastModified, 
service

Methods inherited from class javax.servlet.GenericServlet

destroy, 
getInitParameter, 
getInitParameterNames, 
getServletConfig, 
getServletContext, 
getServletInfo, 
getServletName, 
init, 
init, 
log, 
log

Methods inherited from class java.lang.Object

clone, 
equals, 
finalize, 
getClass, 
hashCode, 
notify, 
notifyAll, 
toString, 
wait, 
wait, 
wait

Field Detail

TARGET_URL

public static final java.lang.String TARGET_URL

WebLogic's Form Authentication implementation stores the target url in the session against the key TARGET_URL. In the past releases the String was j_target_url, which has been deprecated

Constructor Detail

AuthFilter

public AuthFilter()

Method Detail

service

public final void service(javax.servlet.ServletRequest request,
                          javax.servlet.ServletResponse response)

Deprecated.

Internal service method which delegates off to the correct do method depending on what auth state this Request is in.

Parameters:: request - ServletRequest; response - ServletResponse
Overrides:: service in class javax.servlet.http.HttpServlet

doPreAuth

public void doPreAuth(javax.servlet.ServletRequest req,
                      javax.servlet.ServletResponse res)

Deprecated.

Called just before Authentication and Authorization occurs in the WebApplication. In the case of FORM-based auth, this will be called multiple times as the first attempt is made, then the login page is requested, and finally as either the real page or the error page is requested.

Parameters:: request - ServletRequest; response - ServletResponse

doSuccessAuth

public boolean doSuccessAuth(javax.servlet.ServletRequest req,
                             javax.servlet.ServletResponse res)

Deprecated.

Called just after Authentication and Authorization occurs in the WebApplication, if the process was a success. Only called once per auth attempt.

Parameters:: request - ServletRequest; response - ServletResponse
Returns:: Boolean which, if made to return false, will override the successfull authentication and authorization to a failure. For BASIC and CERT auth, the HTTP 401 Unauthorized response will be given. For FORM-AUTH, the error page is sent.

doFailAuth

public void doFailAuth(javax.servlet.ServletRequest req,
                       javax.servlet.ServletResponse res)

Deprecated.

Called just after Authentication and Authorization occurs in the WebApplication, if the process was a failure. Only called once per auth attempt. If Authentication was successfull but Authorization was not, the getRemoteUser() will return the correct user name. The originally requested URL can be found in the session under the key AuthFilter.TARGET_URL. In the past releases the key was "j_target_url" which has been deprecated.

Parameters:: request - ServletRequest; response - ServletResponse

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Documentation is available at
http://download.oracle.com/docs/cd/E13222_01/wls/docs81b

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

weblogic.servlet.security Class AuthFilter

TARGET_URL

AuthFilter

service

doPreAuth

doSuccessAuth

doFailAuth

weblogic.servlet.security
Class AuthFilter