public class CASFilter extends Object implements javax.servlet.Filter
Protects web-accessible resources with CAS.
The following filter initialization parameters are declared in web.xml
:
edu.yale.its.tp.cas.client.filter.loginUrl
: URL to login page on CAS server. (Required)edu.yale.its.tp.cas.client.filter.validateUrl
: URL to validation URL on CAS server. (Required)edu.yale.its.tp.cas.client.filter.serviceUrl
: URL of this service. (Required if
serverName
is not specified)edu.yale.its.tp.cas.client.filter.serverName
: full hostname with port number (e.g.
www.foo.com:8080
). Port number isn't required if it is standard (80 for HTTP, 443 for HTTPS). (Required
if serviceUrl
is not specified)edu.yale.its.tp.cas.client.filter.authorizedProxy
: whitespace-delimited list of valid proxies
through which authentication may have proceeded. One one proxy must match. (Optional. If nothing is specified, the
filter will only accept service tickets not proxy tickets.)edu.yale.its.tp.cas.client.filter.renew
: value of CAS "renew" parameter. Bypasses single sign-on and
requires user to provide CAS with his/her credentials again. (Optional. If nothing is specified, this defaults to
false.)edu.yale.its.tp.cas.client.filter.wrapRequest
: wrap the HttpServletRequest
object,
overriding the getRemoteUser()
method. When set to "true", request.getRemoteUser()
will
return the username of the currently logged-in CAS user. (Optional. If nothing is specified, this defaults to false.)
The logged-in username is set in the session attribute defined by the value of CAS_FILTER_USER
and may
be accessed from within your application either by setting wrapRequest
and calling
request.getRemoteUser()
, or by calling session.getAttribute(CASFilter.CAS_FILTER_USER)
.
Modifier and Type | Field and Description |
---|---|
static String |
CAS_FILTER_USER
Session attribute in which the username is stored
|
Constructor and Description |
---|
CASFilter() |
Modifier and Type | Method and Description |
---|---|
void |
destroy() |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain fc) |
void |
init(javax.servlet.FilterConfig config) |
public static final String CAS_FILTER_USER
public CASFilter()
public void init(javax.servlet.FilterConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain fc) throws javax.servlet.ServletException, IOException
doFilter
in interface javax.servlet.Filter
javax.servlet.ServletException
IOException
public void destroy()
destroy
in interface javax.servlet.Filter
Copyright © 2015 Nuxeo SA. All rights reserved.