|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jetspeed.pipeline.valve.AbstractValve
org.apache.jetspeed.security.impl.AbstractSecurityValve
public abstract class AbstractSecurityValve
AbstractSecurityValve
Field Summary | |
---|---|
protected PortalAuthenticationConfiguration |
authenticationConfiguration
|
Fields inherited from interface org.apache.jetspeed.pipeline.valve.SecurityValve |
---|
IP_ADDRESS |
Constructor Summary | |
---|---|
AbstractSecurityValve()
|
Method Summary | |
---|---|
protected abstract javax.security.auth.Subject |
getSubject(RequestContext request)
getSubject |
protected javax.security.auth.Subject |
getSubjectFromSession(RequestContext request)
getSubjectFromSession |
protected abstract java.security.Principal |
getUserPrincipal(RequestContext request)
getUserPrincipal |
void |
invoke(RequestContext request,
ValveContext context)
invoke |
protected boolean |
isSessionExpired(RequestContext request)
Check for hard limit session expiration time out |
Methods inherited from class org.apache.jetspeed.pipeline.valve.AbstractValve |
---|
initialize |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.apache.jetspeed.pipeline.valve.Valve |
---|
initialize |
Field Detail |
---|
protected PortalAuthenticationConfiguration authenticationConfiguration
Constructor Detail |
---|
public AbstractSecurityValve()
Method Detail |
---|
protected abstract javax.security.auth.Subject getSubject(RequestContext request) throws java.lang.Exception
getSubject
Should build and return ajavax.security.Subject
request
-
java.lang.Exception
protected abstract java.security.Principal getUserPrincipal(RequestContext request) throws java.lang.Exception
getUserPrincipal
Should build and return ajava.security.Principal
that represents the user name
the Subject returned from getSubject()
request
-
java.lang.Exception
protected final javax.security.auth.Subject getSubjectFromSession(RequestContext request) throws java.lang.Exception
getSubjectFromSession
request
-
null
if there is no servlet session attribute defined
for the key org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT
.
java.lang.Exception
public void invoke(RequestContext request, ValveContext context) throws PipelineException
invoke
Uses getSubject()
to call ValveContext.invokeNext()
via
JSSubjectdoAsPrivileged()
. This method also takes care of setting the value of
the RequestContext.subject
property and the session attribute
org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT
invoke
in interface Valve
invoke
in class AbstractValve
request
- context
-
PipelineException
- if the is an error encountered during any security operations.Valve.invoke(org.apache.jetspeed.request.RequestContext, org.apache.jetspeed.pipeline.valve.ValveContext)
protected boolean isSessionExpired(RequestContext request) throws PipelineException
request
-
PipelineException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |