001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.web.filter.authc;
020    
021    import org.apache.shiro.subject.Subject;
022    import org.apache.shiro.web.filter.AccessControlFilter;
023    import org.apache.shiro.web.util.WebUtils;
024    
025    import javax.servlet.ServletRequest;
026    import javax.servlet.ServletResponse;
027    
/**
 * Base class for all Filters that require the current user to be authenticated. The check for an already
 * authenticated user lives here; subclasses supply the handling for requests that are not yet authenticated.
 * <p>
 * Security notes for implementors:
 * <ul>
 * <li>Access is granted solely on {@link Subject#isAuthenticated()}. Per the Shiro {@code Subject} contract a
 * subject that is only remembered (remember-me) is not reported as authenticated, so it is not let through
 * by this class.</li>
 * <li>The {@link #getSuccessUrl() successUrl} ends up as a redirect target. It should be a fixed,
 * application-controlled value; do not populate it from request data.</li>
 * </ul>
 *
 * @since 0.9
 */
public abstract class AuthenticationFilter extends AccessControlFilter {

    /** Fallback post-login location used when no other success URL has been configured. */
    public static final String DEFAULT_SUCCESS_URL = "/";

    // Configurable fallback redirect target; starts out as DEFAULT_SUCCESS_URL.
    private String successUrl = DEFAULT_SUCCESS_URL;

    /**
     * Returns the fallback location a user is sent to after logging in. A post-login redirect normally goes to
     * the originally requested URL; this value is used when that URL is not available or not specified.
     * <p>
     * The default value is {@link #DEFAULT_SUCCESS_URL}.
     *
     * @return the fallback success URL currently configured on this filter.
     */
    public String getSuccessUrl() {
        return this.successUrl;
    }

    /**
     * Sets the fallback location a user is sent to after logging in. A post-login redirect normally goes to
     * the originally requested URL; this value is used when that URL is not available or not specified.
     * <p>
     * The default value is {@link #DEFAULT_SUCCESS_URL}.
     * <p>
     * The value is stored as given, without validation, and is later handed to the redirect helper by
     * {@link #issueSuccessRedirect(javax.servlet.ServletRequest, javax.servlet.ServletResponse)}. Configure it
     * from trusted application settings only, so that it cannot be steered to an arbitrary destination.
     *
     * @param successUrl the fallback URL to redirect the user to after a successful login.
     */
    public void setSuccessUrl(String successUrl) {
        this.successUrl = successUrl;
    }


    /**
     * Decides whether the request may proceed by checking that the current subject is authenticated.
     * <p>
     * This implementation
     * {@link #getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse) acquires} the currently
     * executing Subject and returns
     * {@link org.apache.shiro.subject.Subject#isAuthenticated() subject.isAuthenticated()}. The
     * {@code mappedValue} argument is not consulted.
     *
     * @param request     the incoming request
     * @param response    the outgoing response
     * @param mappedValue the filter-specific configuration value for the matched path; ignored here
     * @return true if the subject is authenticated; false if the subject is unauthenticated
     */
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        final Subject currentSubject = getSubject(request, response);
        return currentSubject.isAuthenticated();
    }

    /**
     * Redirects the user to the previously attempted URL after a successful login. This implementation delegates to
     * <code>{@link org.apache.shiro.web.util.WebUtils WebUtils}.{@link WebUtils#redirectToSavedRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse, String) redirectToSavedRequest}</code>,
     * passing the {@link #getSuccessUrl() successUrl} as the {@code fallbackUrl} argument of that call.
     * <p>
     * Subclasses that override this method take over responsibility for where the user is sent; any
     * replacement target should be restricted to locations the application trusts.
     *
     * @param request  the incoming request
     * @param response the outgoing response
     * @throws Exception if there is a problem redirecting.
     */
    protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
        // Resolve through the getter so that a subclass overriding getSuccessUrl() is honoured.
        final String fallbackUrl = getSuccessUrl();
        WebUtils.redirectToSavedRequest(request, response, fallbackUrl);
    }

}