View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.web.tags;
20  
21  import javax.servlet.jsp.JspException;
22  import javax.servlet.jsp.tagext.TagSupport;
23  
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  
27  
28  /**
29   * JSP tag that renders the tag body only if the current user has executed a <b>successful</b> authentication attempt
30   * <em>during their current session</em>.
31   *
32   * <p>This is more restrictive than the {@link UserTag}, which only
33   * ensures the current user is known to the system, either via a current login or from Remember Me services,
34   * which only makes the assumption that the current user is who they say they are, and does not guarantee it like
35   * this tag does.
36   *
37   * <p>The logically opposite tag of this one is the {@link NotAuthenticatedTag}
38   *
39   * @since 0.2
40   */
41  public class AuthenticatedTag extends SecureTag {
42  
43      //TODO - complete JavaDoc
44  
45      private static final Logger log = LoggerFactory.getLogger(AuthenticatedTag.class);
46  
47      public int onDoStartTag() throws JspException {
48          if (getSubject() != null && getSubject().isAuthenticated()) {
49              if (log.isTraceEnabled()) {
50                  log.trace("Subject exists and is authenticated.  Tag body will be evaluated.");
51              }
52              return TagSupport.EVAL_BODY_INCLUDE;
53          } else {
54              if (log.isTraceEnabled()) {
55                  log.trace("Subject does not exist or is not authenticated.  Tag body will not be evaluated.");
56              }
57              return TagSupport.SKIP_BODY;
58          }
59      }
60  }