Package org.apache.shiro.web.servlet

Class ShiroHttpServletRequest

java.lang.Object

javax.servlet.ServletRequestWrapper

javax.servlet.http.HttpServletRequestWrapper

org.apache.shiro.web.servlet.ShiroHttpServletRequest

All Implemented Interfaces:

javax.servlet.http.HttpServletRequest, javax.servlet.ServletRequest

public class ShiroHttpServletRequest
extends javax.servlet.http.HttpServletRequestWrapper

A ShiroHttpServletRequest wraps the Servlet container's original ServletRequest instance, but ensures that all HttpServletRequest invocations that require Shiro's support (getRemoteUser, getSession, etc) can be executed first by Shiro as necessary before allowing the underlying Servlet container instance's method to be invoked.

Since:

0.2

Field Summary

Fields

Modifier and Type	Field	Description
static String	COOKIE_SESSION_ID_SOURCE
protected boolean	httpSessions
static String	IDENTITY_REMOVED_KEY
static String	REFERENCED_SESSION_ID
static String	REFERENCED_SESSION_ID_IS_VALID
static String	REFERENCED_SESSION_ID_SOURCE
static String	REFERENCED_SESSION_IS_NEW
protected javax.servlet.ServletContext	servletContext
protected javax.servlet.http.HttpSession	session
static String	SESSION_ID_URL_REWRITING_ENABLED
static String	URL_SESSION_ID_SOURCE

Fields inherited from interface javax.servlet.http.HttpServletRequest

BASIC_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH, FORM_AUTH

Constructor Summary

Constructors

Constructor	Description
ShiroHttpServletRequest(javax.servlet.http.HttpServletRequest wrapped, javax.servlet.ServletContext servletContext, boolean httpSessions)

Method Summary

Modifier and Type	Method	Description
String	getRemoteUser()
String	getRequestedSessionId()
javax.servlet.http.HttpSession	getSession()
javax.servlet.http.HttpSession	getSession(boolean create)
protected org.apache.shiro.subject.Subject	getSubject()
protected Object	getSubjectPrincipal()
Principal	getUserPrincipal()
boolean	isHttpSessions()
boolean	isRequestedSessionIdFromCookie()
boolean	isRequestedSessionIdFromUrl()
boolean	isRequestedSessionIdFromURL()
boolean	isRequestedSessionIdValid()
boolean	isUserInRole(String s)

Methods inherited from class javax.servlet.http.HttpServletRequestWrapper

authenticate, changeSessionId, getAuthType, getContextPath, getCookies, getDateHeader, getHeader, getHeaderNames, getHeaders, getIntHeader, getMethod, getPart, getParts, getPathInfo, getPathTranslated, getQueryString, getRequestURI, getRequestURL, getServletPath, login, logout, upgrade

Methods inherited from class javax.servlet.ServletRequestWrapper

getAsyncContext, getAttribute, getAttributeNames, getCharacterEncoding, getContentLength, getContentLengthLong, getContentType, getDispatcherType, getInputStream, getLocalAddr, getLocale, getLocales, getLocalName, getLocalPort, getParameter, getParameterMap, getParameterNames, getParameterValues, getProtocol, getReader, getRealPath, getRemoteAddr, getRemoteHost, getRemotePort, getRequest, getRequestDispatcher, getScheme, getServerName, getServerPort, getServletContext, isAsyncStarted, isAsyncSupported, isSecure, isWrapperFor, isWrapperFor, removeAttribute, setAttribute, setCharacterEncoding, setRequest, startAsync, startAsync

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.servlet.ServletRequest

getAsyncContext, getAttribute, getAttributeNames, getCharacterEncoding, getContentLength, getContentLengthLong, getContentType, getDispatcherType, getInputStream, getLocalAddr, getLocale, getLocales, getLocalName, getLocalPort, getParameter, getParameterMap, getParameterNames, getParameterValues, getProtocol, getReader, getRealPath, getRemoteAddr, getRemoteHost, getRemotePort, getRequestDispatcher, getScheme, getServerName, getServerPort, getServletContext, isAsyncStarted, isAsyncSupported, isSecure, removeAttribute, setAttribute, setCharacterEncoding, startAsync, startAsync

Field Detail

COOKIE_SESSION_ID_SOURCE

public static final String COOKIE_SESSION_ID_SOURCE

See Also:

Constant Field Values

URL_SESSION_ID_SOURCE

public static final String URL_SESSION_ID_SOURCE

See Also:

Constant Field Values

REFERENCED_SESSION_ID

public static final String REFERENCED_SESSION_ID

REFERENCED_SESSION_ID_IS_VALID

public static final String REFERENCED_SESSION_ID_IS_VALID

REFERENCED_SESSION_IS_NEW

public static final String REFERENCED_SESSION_IS_NEW

REFERENCED_SESSION_ID_SOURCE

public static final String REFERENCED_SESSION_ID_SOURCE

IDENTITY_REMOVED_KEY

public static final String IDENTITY_REMOVED_KEY

SESSION_ID_URL_REWRITING_ENABLED

public static final String SESSION_ID_URL_REWRITING_ENABLED

servletContext

protected javax.servlet.ServletContext servletContext

session

protected javax.servlet.http.HttpSession session

httpSessions

protected boolean httpSessions

Constructor Detail

ShiroHttpServletRequest

public ShiroHttpServletRequest(javax.servlet.http.HttpServletRequest wrapped,
                               javax.servlet.ServletContext servletContext,
                               boolean httpSessions)

Method Detail

isHttpSessions

public boolean isHttpSessions()

getRemoteUser

public String getRemoteUser()

Specified by:

getRemoteUser in interface javax.servlet.http.HttpServletRequest

Overrides:

getRemoteUser in class javax.servlet.http.HttpServletRequestWrapper

getSubject

protected org.apache.shiro.subject.Subject getSubject()

getSubjectPrincipal

protected Object getSubjectPrincipal()

isUserInRole

public boolean isUserInRole(String s)

Specified by:

isUserInRole in interface javax.servlet.http.HttpServletRequest

Overrides:

isUserInRole in class javax.servlet.http.HttpServletRequestWrapper

getUserPrincipal

public Principal getUserPrincipal()

Specified by:

getUserPrincipal in interface javax.servlet.http.HttpServletRequest

Overrides:

getUserPrincipal in class javax.servlet.http.HttpServletRequestWrapper

getRequestedSessionId

public String getRequestedSessionId()

Specified by:

getRequestedSessionId in interface javax.servlet.http.HttpServletRequest

Overrides:

getRequestedSessionId in class javax.servlet.http.HttpServletRequestWrapper

getSession

public javax.servlet.http.HttpSession getSession(boolean create)

Specified by:

getSession in interface javax.servlet.http.HttpServletRequest

Overrides:

getSession in class javax.servlet.http.HttpServletRequestWrapper

getSession

public javax.servlet.http.HttpSession getSession()

Specified by:

getSession in interface javax.servlet.http.HttpServletRequest

Overrides:

getSession in class javax.servlet.http.HttpServletRequestWrapper

isRequestedSessionIdValid

public boolean isRequestedSessionIdValid()

Specified by:

isRequestedSessionIdValid in interface javax.servlet.http.HttpServletRequest

Overrides:

isRequestedSessionIdValid in class javax.servlet.http.HttpServletRequestWrapper

isRequestedSessionIdFromCookie

public boolean isRequestedSessionIdFromCookie()

Specified by:

isRequestedSessionIdFromCookie in interface javax.servlet.http.HttpServletRequest

Overrides:

isRequestedSessionIdFromCookie in class javax.servlet.http.HttpServletRequestWrapper

isRequestedSessionIdFromURL

public boolean isRequestedSessionIdFromURL()

Specified by:

isRequestedSessionIdFromURL in interface javax.servlet.http.HttpServletRequest

Overrides:

isRequestedSessionIdFromURL in class javax.servlet.http.HttpServletRequestWrapper

isRequestedSessionIdFromUrl

public boolean isRequestedSessionIdFromUrl()

Specified by:

isRequestedSessionIdFromUrl in interface javax.servlet.http.HttpServletRequest

Overrides:

isRequestedSessionIdFromUrl in class javax.servlet.http.HttpServletRequestWrapper