Package org.apache.shiro.cas

Class CasFilter

  • All Implemented Interfaces:
    javax.servlet.Filter, org.apache.shiro.util.Nameable, org.apache.shiro.web.filter.PathConfigProcessor
    @Deprecated
public class CasFilter
extends org.apache.shiro.web.filter.authc.AuthenticatingFilter
    Deprecated.
    replaced with Shiro integration in buji-pac4j.
    This filter validates the CAS service ticket to authenticate the user. It must be configured on the URL recognized by the CAS server. For example, in shiro.ini: 
     [main]
 casFilter = org.apache.shiro.cas.CasFilter
 ...

 [urls]
 /shiro-cas = casFilter
 ...
    (example : http://host:port/mycontextpath/shiro-cas)
    Since:
    1.2
    See Also:
    buji-pac4j

    • Field Summary

      • Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

        PERMISSIVE

      • Fields inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

        DEFAULT_SUCCESS_URL

      • Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter

        DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD

      • Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter

        appliedPaths, pathMatcher

      • Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

        ALREADY_FILTERED_SUFFIX

      • Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter

        filterConfig

    • Constructor Summary

      Constructors 
      Constructor Description
      CasFilter()
      Deprecated.
       

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      protected org.apache.shiro.authc.AuthenticationToken createToken​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
      Deprecated.
      The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).
      protected boolean isAccessAllowed​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)
      Deprecated.
      Returns false to always force authentication (user is never considered authenticated by this filter).
      protected boolean onAccessDenied​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
      Deprecated.
      Execute login by creating token and logging subject with this token.
      protected boolean onLoginFailure​(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationException ae, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
      Deprecated.
      If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.
      protected boolean onLoginSuccess​(org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.subject.Subject subject, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response)
      Deprecated.
      If login has been successful, redirect user to the original protected url.
      void setFailureUrl​(String failureUrl)
      Deprecated.
       

      • Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticatingFilter

        cleanup, createToken, createToken, executeLogin, getHost, isPermissive, isRememberMe

      • Methods inherited from class org.apache.shiro.web.filter.authc.AuthenticationFilter

        getSuccessUrl, issueSuccessRedirect, setSuccessUrl

      • Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter

        getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl

      • Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter

        getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig

      • Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter

        afterCompletion, doFilterInternal, executeChain, postHandle

      • Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter

        doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter

      • Methods inherited from class org.apache.shiro.web.servlet.NameableFilter

        getName, setName, toStringBuilder

      • Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter

        destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

      • Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport

        getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

    • Constructor Detail

      • CasFilter

        public CasFilter()
        Deprecated.

    • Method Detail

      • createToken

        protected org.apache.shiro.authc.AuthenticationToken createToken​(javax.servlet.ServletRequest request,
                                                                 javax.servlet.ServletResponse response)
                                                          throws Exception
        Deprecated.
        The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).
        Specified by:
        createToken in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
        Parameters:
        request - the incoming request
        response - the outgoing response
        Throws:
        Exception - if there is an error processing the request.

      • onAccessDenied

        protected boolean onAccessDenied​(javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
                          throws Exception
        Deprecated.
        Execute login by creating token and logging subject with this token.
        Specified by:
        onAccessDenied in class org.apache.shiro.web.filter.AccessControlFilter
        Parameters:
        request - the incoming request
        response - the outgoing response
        Throws:
        Exception - if there is an error processing the request.

      • isAccessAllowed

        protected boolean isAccessAllowed​(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  Object mappedValue)
        Deprecated.
        Returns false to always force authentication (user is never considered authenticated by this filter).
        Overrides:
        isAccessAllowed in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
        Parameters:
        request - the incoming request
        response - the outgoing response
        mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
        Returns:
        false

      • onLoginSuccess

        protected boolean onLoginSuccess​(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.subject.Subject subject,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
                          throws Exception
        Deprecated.
        If login has been successful, redirect user to the original protected url.
        Overrides:
        onLoginSuccess in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
        Parameters:
        token - the token representing the current authentication
        subject - the current authenticated subjet
        request - the incoming request
        response - the outgoing response
        Throws:
        Exception - if there is an error processing the request.

      • onLoginFailure

        protected boolean onLoginFailure​(org.apache.shiro.authc.AuthenticationToken token,
                                 org.apache.shiro.authc.AuthenticationException ae,
                                 javax.servlet.ServletRequest request,
                                 javax.servlet.ServletResponse response)
        Deprecated.
        If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.
        Overrides:
        onLoginFailure in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
        Parameters:
        token - the token representing the current authentication
        ae - the current authentication exception
        request - the incoming request
        response - the outgoing response

      • setFailureUrl

        public void setFailureUrl​(String failureUrl)
        Deprecated.