MarmottaAuthenticationFilter (Apache Marmotta Site 3.3.0 API)

java.lang.Object
- org.apache.marmotta.platform.user.filters.MarmottaAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter
```
@ApplicationScoped
public class MarmottaAuthenticationFilter
extends Object
implements org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter
```
This filter implements HTTB Basic Authentication support for the Marmotta. It serves two purposes:
- carrying out HTTP Basic Authentication when an "Authorization" header is present
- sending an HTTP authorization request in case one of the services in the chain threw an AccessDeniedException
In case security is enabled, it listens for the presence of an "Authorization" header, parses it according to HTTP Basic Authentication (Base64 decoding and splitting username/password at ":") and tries to authenticate with the given credentials using the Marmotta AuthenticationService.
- In case authentication succeeds, it sets the attributes user.name and user.roles in the request so that further filters/services can make use of the authentication information, and it sets the current user for all activities carried out in the thread.
- In case authentication fails, no user information is added to the request.
The filter also listens for AccessDeniedException thrown by subsequent filters or servlets in the chain, in which case it returns an HTTP authorization request to the client. In particular, this functionality is used by the MarmottaAccessControlFilter to restrict access to services based on security profiles.
See Also:
Author: Sebastian Schaffert

Field Summary
- Fields inherited from interface org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter
  PRIO_ACL, PRIO_AUTH, PRIO_FIRST, PRIO_LAST, PRIO_MIDDLE

Constructor Summary

Constructors
Constructor and Description

MarmottaAuthenticationFilter()

Constructors
Constructor and Description
`MarmottaAuthenticationFilter()`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`destroy()` Destroy authentication filter
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)` Check for the presence of a "Authorization" header in the request header and authorize the user if yes.
`String`	`getPattern()` Return the pattern (regular expression) that a request URI (relative to the base URI) has to match before triggering this filter.
`int`	`getPriority()` Return the priority of the filter.
`void`	`init(javax.servlet.FilterConfig filterConfig)` Initialise authentication filter

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - MarmottaAuthenticationFilter
```
public MarmottaAuthenticationFilter()
```
- Method Detail
  - init
```
public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
```
    Initialise authentication filter
    
    Specified by:
    
    init in interface javax.servlet.Filter
    
    Throws:
    
    javax.servlet.ServletException
  - getPattern
```
public String getPattern()
```
    Return the pattern (regular expression) that a request URI (relative to the base URI) has to match before triggering this filter.
    
    Specified by:
    
    getPattern in interface org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter
    
    Returns:
  - getPriority
```
public int getPriority()
```
    Return the priority of the filter. Filters that need to be executed before anything else should return PRIO_FIRST, filters that need to be executed last in the chain should return PRIO_LAST, all other filters something inbetween (e.g. PRIO_MIDDLE).
    
    Specified by:
    
    getPriority in interface org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter
    
    Returns:
  - doFilter
```
public void doFilter(javax.servlet.ServletRequest request,
            javax.servlet.ServletResponse response,
            javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
```
    Check for the presence of a "Authorization" header in the request header and authorize the user if yes. Sets the attributes "user.name" and "user.roles" in the request for further processing.
    
    Specified by:
    
    doFilter in interface javax.servlet.Filter
    
    Throws:
    
    IOException
    
    javax.servlet.ServletException
  - destroy
```
public void destroy()
```
    Destroy authentication filter
    
    Specified by:
    
    destroy in interface javax.servlet.Filter

Class MarmottaAuthenticationFilter

Field Summary

Fields inherited from interface org.apache.marmotta.platform.core.api.modules.MarmottaHttpFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

MarmottaAuthenticationFilter

Method Detail

init

getPattern

getPriority

doFilter

destroy