Class KerberosSSOFilter
- java.lang.Object
-
- com.sonymobile.jenkins.plugins.kerberossso.KerberosSSOFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
public class KerberosSSOFilter extends Object implements javax.servlet.Filter
Filter that authenticates users using Kerberos SSO.- Author:
- Joakim Ahle <joakim.ahle@sonymobile.com>, Fredrik Persson <fredrik6.persson@sonymobile.com>
-
-
Field Summary
Fields Modifier and Type Field Description static String
BYPASS_HEADER
Header name that can be passed in a request in order to make this filter ignore the request and just pass it on in the filter chain.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
destroy()
Called if the filter needs to be destroyed.void
doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
Filters every request made to the server to determine and set authentication of the user.void
init(javax.servlet.FilterConfig filterConfig)
Creates the spnego authenticator to be used in doFilter.
-
-
-
Field Detail
-
BYPASS_HEADER
public static final String BYPASS_HEADER
Header name that can be passed in a request in order to make this filter ignore the request and just pass it on in the filter chain.- See Also:
- Constant Field Values
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
Creates the spnego authenticator to be used in doFilter.- Specified by:
init
in interfacejavax.servlet.Filter
- Parameters:
filterConfig
- ignored.- Throws:
javax.servlet.ServletException
- if the SpnegoAuthenticator can't be created. (Something is wrong in the config)
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
Filters every request made to the server to determine and set authentication of the user. 1. Find out if the user is already authenticated (by checking the securityContext). 2. Otherwise, authenticate the user from his Kerberos ticket and, 3. Set him as authenticated by setting a new securityContext. During the negotiation process used by Spnego, none of the filters after this one in the chain will be allowed to execute.- Specified by:
doFilter
in interfacejavax.servlet.Filter
- Parameters:
request
- the Servlet request to serveresponse
- the Servlet response to servechain
- the filter chain determining which filter will execute after ours.- Throws:
IOException
- if redirection goes wrong or if another filter in the chain fails.javax.servlet.ServletException
- if the authentication fails.
-
destroy
public void destroy()
Called if the filter needs to be destroyed.- Specified by:
destroy
in interfacejavax.servlet.Filter
-
-