org.apache.shiro.web.filter
Class PathMatchingFilter

java.lang.Object
  extended by org.apache.shiro.web.servlet.ServletContextSupport
      extended by org.apache.shiro.web.servlet.AbstractFilter
          extended by org.apache.shiro.web.servlet.NameableFilter
              extended by org.apache.shiro.web.servlet.OncePerRequestFilter
                  extended by org.apache.shiro.web.servlet.AdviceFilter
                      extended by org.apache.shiro.web.filter.PathMatchingFilter
All Implemented Interfaces:
Filter, Nameable, PathConfigProcessor
Direct Known Subclasses:
AccessControlFilter, AnonymousFilter, NoSessionCreationFilter

public abstract class PathMatchingFilter
extends AdviceFilter
implements PathConfigProcessor

Base class for Filters that will process only specified paths and allow all others to pass through.

Since:
0.9

Field Summary
protected  Map<String,Object> appliedPaths
          A collection of path-to-config entries where the key is a path which this filter should process and the value is the (possibly null) configuration element specific to this Filter for that specific path.
protected  PatternMatcher pathMatcher
          PatternMatcher used in determining which paths to react to for a given request.
 
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
 
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
 
Constructor Summary
PathMatchingFilter()
           
 
Method Summary
protected  String getPathWithinApplication(ServletRequest request)
          Returns the context path within the application based on the specified request.
protected  boolean isEnabled(ServletRequest request, ServletResponse response, String path, Object mappedValue)
          Path-matching version of the parent class's OncePerRequestFilter.isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse) method, but additionally allows for inspection of any path-specific configuration values corresponding to the specified request.
protected  boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue)
          This default implementation always returns true and should be overridden by subclasses for custom logic if necessary.
protected  boolean pathsMatch(String path, ServletRequest request)
          Returns true if the incoming request matches the specified path pattern, false otherwise.
protected  boolean pathsMatch(String pattern, String path)
          Returns true if the path matches the specified pattern string, false otherwise.
protected  boolean preHandle(ServletRequest request, ServletResponse response)
          Implementation that handles path-matching behavior before a request is evaluated.
 Filter processPathConfig(String path, String config)
          Splits any comma-delmited values that might be found in the config argument and sets the resulting String[] array on the appliedPaths internal Map.
 
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
 
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
 
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
 
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
 
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

pathMatcher

protected PatternMatcher pathMatcher
PatternMatcher used in determining which paths to react to for a given request.


appliedPaths

protected Map<String,Object> appliedPaths
A collection of path-to-config entries where the key is a path which this filter should process and the value is the (possibly null) configuration element specific to this Filter for that specific path.

To put it another way, the keys are the paths (urls) that this Filter will process.

The values are filter-specific data that this Filter should use when processing the corresponding key (path). The values can be null if no Filter-specific config was specified for that url.

Constructor Detail

PathMatchingFilter

public PathMatchingFilter()
Method Detail

processPathConfig

public Filter processPathConfig(String path,
                                String config)
Splits any comma-delmited values that might be found in the config argument and sets the resulting String[] array on the appliedPaths internal Map.

That is:


 String[] values = null;
 if (config != null) {
     values = split(config);
 }
 

this.appliedPaths.put(path, values);

Specified by:
processPathConfig in interface PathConfigProcessor
Parameters:
path - the application context path to match for executing this filter.
config - the specified for this particular filter only for the given path
Returns:
this configured filter.

getPathWithinApplication

protected String getPathWithinApplication(ServletRequest request)
Returns the context path within the application based on the specified request.

This implementation merely delegates to WebUtils.getPathWithinApplication(request), but can be overridden by subclasses for custom logic.

Parameters:
request - the incoming ServletRequest
Returns:
the context path within the application.

pathsMatch

protected boolean pathsMatch(String path,
                             ServletRequest request)
Returns true if the incoming request matches the specified path pattern, false otherwise.

The default implementation acquires the request's path within the application and determines if that matches:

String requestURI = getPathWithinApplication(request);
return pathsMatch(path,requestURI)

Parameters:
path - the configured url pattern to check the incoming request against.
request - the incoming ServletRequest
Returns:
true if the incoming request matches the specified path pattern, false otherwise.

pathsMatch

protected boolean pathsMatch(String pattern,
                             String path)
Returns true if the path matches the specified pattern string, false otherwise.

Simply delegates to this.pathMatcher.matches(pattern,path), but can be overridden by subclasses for custom matching behavior.

Parameters:
pattern - the pattern to match against
path - the value to match with the specified pattern
Returns:
true if the path matches the specified pattern string, false otherwise.

preHandle

protected boolean preHandle(ServletRequest request,
                            ServletResponse response)
                     throws Exception
Implementation that handles path-matching behavior before a request is evaluated. If the path matches and the filter isEnabled for that path/config, the request will be allowed through via the result from onPreHandle. If the path does not match or the filter is not enabled for that path, this filter will allow passthrough immediately to allow the FilterChain to continue executing.

In order to retain path-matching functionality, subclasses should not override this method if at all possible, and instead override onPreHandle instead.

Overrides:
preHandle in class AdviceFilter
Parameters:
request - the incoming ServletRequest
response - the outgoing ServletResponse
Returns:
true if the filter chain is allowed to continue to execute, false if a subclass has handled the request explicitly.
Throws:
Exception - if an error occurs

onPreHandle

protected boolean onPreHandle(ServletRequest request,
                              ServletResponse response,
                              Object mappedValue)
                       throws Exception
This default implementation always returns true and should be overridden by subclasses for custom logic if necessary.

Parameters:
request - the incoming ServletRequest
response - the outgoing ServletResponse
mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:
true if the request should be able to continue, false if the filter will handle the response directly.
Throws:
Exception - if an error occurs
See Also:
isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse, String, Object)

isEnabled

protected boolean isEnabled(ServletRequest request,
                            ServletResponse response,
                            String path,
                            Object mappedValue)
                     throws Exception
Path-matching version of the parent class's OncePerRequestFilter.isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse) method, but additionally allows for inspection of any path-specific configuration values corresponding to the specified request. Subclasses may wish to inspect this additional mapped configuration to determine if the filter is enabled or not.

This method's default implementation ignores the path and mappedValue arguments and merely returns the value from a call to OncePerRequestFilter.isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse). It is expected that subclasses override this method if they need to perform enable/disable logic for a specific request based on any path-specific config for the filter instance.

Parameters:
request - the incoming servlet request
response - the outbound servlet response
path - the path matched for the incoming servlet request that has been configured with the given mappedValue.
mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings for the given path.
Returns:
true if this filter should filter the specified request, false if it should let the request/response pass through immediately to the next element in the FilterChain.
Throws:
Exception - in the case of any error
Since:
1.2


Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.