Package org.apache.shiro.web.filter.authc

package org.apache.shiro.web.filter.authc
Servlet Filter implementations specific to controlling access based on a subject's authentication status, or those that can execute authentications (log-ins) directly.
  • Classes
    Class
    Description
    AnonymousFilter
    Filter that allows access to a path immediately without performing security checks of any kind.
    AuthenticatingFilter
    An AuthenticationFilter that is capable of automatically performing an authentication attempt based on the incoming request.
    AuthenticationFilter
    Base class for all Filters that require the current user to be authenticated.
    BasicHttpAuthenticationFilter
    Requires the requesting user to be authenticated for the request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge.
    BearerHttpAuthenticationFilter
    Requires the requesting user to be authenticated for the request to continue, and if they're not, requires the user to login via the HTTP Bearer protocol-specific challenge.
    FormAuthenticationFilter
    Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user to login via by redirecting them to the loginUrl you configure.
    LogoutFilter
    Simple Filter that, upon receiving a request, will immediately log-out the currently executing subject and then redirect them to a configured redirectUrl.
    PassThruAuthenticationFilter
    An authentication filter that redirects the user to the login page when they are trying to access a protected resource.
    UserFilter
    Filter that allows access to resources if the accessor is a known user, which is defined as having a known principal.