DeadboltFilter (Deadbolt Application Security Framework 1.0-B1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sf.deadbolt
Class DeadboltFilter

java.lang.Object
  net.sf.deadbolt.DeadboltFilter

All Implemented Interfaces:: javax.servlet.Filter

public class DeadboltFilter
extends java.lang.Object
implements javax.servlet.Filter

This class is the meat of the Deadbolt framework. This filter is executed on every request for an application, and it determines the authentication and authorization setup for the requested resource.

Author:: Tim Solley

Constructor Summary
`DeadboltFilter()`

Method Summary
`void`	`destroy()` This is here for compliance with the `Filter` interface.
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)` This method will be called on each request to the application, provided the user used `/*` as the url-pattern element in the web.xml file.
`static java.util.Map`	`getErrorMessages()` This method will return the `Map` of error messages, which are `String` objects.
`void`	`init(javax.servlet.FilterConfig config)` This method is the starting point the the Deadbolt enabled application.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DeadboltFilter

public DeadboltFilter()

Method Detail

getErrorMessages

public static java.util.Map getErrorMessages()

This method will return the Map of error messages, which are String objects. This is used by the DeadboltHandlerto put messages in the request for later display by the DisplayErrorsTagcustom tag on the JSP page.

Returns:: Returns the errorMessages.

init

public void init(javax.servlet.FilterConfig config)
          throws javax.servlet.ServletException

This method is the starting point the the Deadbolt enabled application. It processes the configuration XML file and stores the configuration information in memory when the application starts up. That information will be later used by the doFilter method to secure the requested resource.

Specified by:: init in interface javax.servlet.Filter

Throws:: javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException

This method will be called on each request to the application, provided the user used /* as the url-pattern element in the web.xml file. This method will examine the request, compare it's URL to a list of URL patterns defined in the config file, and execute handlers based on any room found that matches the URL pattern. It will then let the user pass to the requested resource, or send the user to the specified error page if not allowed. If any handler sends back a false, the user will not be permitted to enter. It should be noted that if a resource exists, and it's URL pattern is not specified in the config file, and a blanket /* is not used, a client will be allowed to access the resource and will not be protected by Deadbolt.

Specified by:: doFilter in interface javax.servlet.Filter

Throws:: java.io.IOException; javax.servlet.ServletException

destroy

public void destroy()

This is here for compliance with the Filter interface. Nothing is done in this method.

Specified by:: destroy in interface javax.servlet.Filter