|Home >> All >> org >> securityfilter|
|||org.securityfilter.authenticator.* (4)||||org.securityfilter.config.* (4)|
|||org.securityfilter.example.* (3)||||org.securityfilter.filter.* (6)|
|||org.securityfilter.realm.* (4)||||org.securityfilter.servlet.* (1)|
NoResponseServlet: This servlet does nothing. It is provided as a convenience for containers that do not allow the use of j_security_check as the login form submit pattern. An alternate pattern, such as /login can be used and mapped to this servlet. With that configuration, this servlet will never be executed becuase the filter will intercept all requests to /login and never pass them down the chain to this servlet.
SecurityRealmInterface: SecurityRealmInterface - realm interface for SecurityFilter. Implement this interface to provide a realm implementation against which SecurityFilter can authenticate and authortize users. Typically, a project will implement this interface or adapt an existing realm implementation to this interface.
AuthenticatorFactory: AuthenticatorFactory - this class will create Authenticator instance. It is designed to be easy to extend to add more Authenticator implementations, or to allow custom Authenticators to be specified in the config file and created here in this factory class.
SimpleSecurityRealmBase: Security realm base class. This class insulates you from having to create or process Principal objects. You can implement a realm by overriding the two methods that neither take or return a Principal object and this class does the conversions for you.
SavedRequest: SavedRequest represents a request that initiated an authorization sequence. It saves the parameterMap and (HTTP) Method of the original request to be used after the user is authenticated and the original request information is needed for processing.
URLPattern: URLPattern - Contains matchable URL pattern and the associated SecurityConstraint and WebResourceCollection objects for the pattern. Also supports sorting according to the Servlet Spec v2.3.
Authenticator: Authenticator - interface for a SecurityFilter authenticator module. Implementations correspond to an implementation method, such as FORM or BASIC (others are possible).
TrivialSecurityRealm: Trivial implementation of the SecurityRealmInterface. There is one user: username is 'username', password is 'password' And this user is in one role: 'inthisrole'
WebResourceCollection: WebResourceCollection represents a web-resource-collection from the security config file. It has a list of url patterns, and a list of http methods.
TrivialCatalinaRealm: TrivialCatalinaRealm - Trivial Catalina Realm implementation to demonstrate org.securityfilter.realm.catalina.CatalinaRealmAdapter adapter class.
UTFTest: UTFTest - test with UTF-encoded URLs to ensure proper operation when UTF-encoded URLs are used. Failures would indicate a security vulnerability.
URLPatternFactory: URLPatternFactory creates URLPattern instances. It keeps a Perl5PatternCompiler to use for the creation of a set of instances.
URLPatternMatcher: URLPatternMatcher - A non-thread safe object to be used to match a request pattern with URLPattern objects.
PostMethodTest: PostMethodTest - tests that POSTed parameters are maintained through an authentication sequence.
SecurityConfig: SecurityConfig gathers information from the security-config.xml file to be used by the filter.
DefaultPageTest: DefaultPageTest - tests that the user is sent to the default page on an "unsolicited" login.
PathTricksTest: PathTricksTest - tests for proper operation when "path tricks" are employed in URLs
CatalinaRealmAdapter: CatalinaRealmAdapter - adapts a Catalina Realm for use with the securityfilter
BasicAuthenticator: BasicAuthenticator - authenticator implementation for the BASIC auth method.
FormAuthenticator: FormAuthenticator - authenticator implementation for the FORM auth method.
Constants: Constants - constants for the example applications to facilitate testing
SecurityFilter: SecurityFilter provides authentication and authorization services.
JustInTimeTest: JustInTimeTest - This tests normal just-in-time login behavior.
SessionInvalidationTest: SessionInvalidationTest - tests the logout functionality.
SimplePrincipal: SimplePrincipal - a simple, serializable Principal.