001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.web.filter.authc;
020
021import org.apache.shiro.subject.Subject;
022import org.apache.shiro.web.filter.AccessControlFilter;
023import org.apache.shiro.web.util.WebUtils;
024
025import javax.servlet.ServletRequest;
026import javax.servlet.ServletResponse;
027
028/**
029 * Base class for all Filters that require the current user to be authenticated. This class encapsulates the
030 * logic of checking whether a user is already authenticated in the system while subclasses are required to perform
031 * specific logic for unauthenticated requests.
032 *
033 * @since 0.9
034 */
035public abstract class AuthenticationFilter extends AccessControlFilter {
036
037    //TODO - complete JavaDoc
038
039    public static final String DEFAULT_SUCCESS_URL = "/";
040
041    private String successUrl = DEFAULT_SUCCESS_URL;
042
043    /**
044     * Returns the success url to use as the default location a user is sent after logging in.  Typically a redirect
045     * after login will redirect to the originally request URL; this property is provided mainly as a fallback in case
046     * the original request URL is not available or not specified.
047     * <p/>
048     * The default value is {@link #DEFAULT_SUCCESS_URL}.
049     *
050     * @return the success url to use as the default location a user is sent after logging in.
051     */
052    public String getSuccessUrl() {
053        return successUrl;
054    }
055
056    /**
057     * Sets the default/fallback success url to use as the default location a user is sent after logging in.  Typically
058     * a redirect after login will redirect to the originally request URL; this property is provided mainly as a
059     * fallback in case the original request URL is not available or not specified.
060     * <p/>
061     * The default value is {@link #DEFAULT_SUCCESS_URL}.
062     *
063     * @param successUrl the success URL to redirect the user to after a successful login.
064     */
065    public void setSuccessUrl(String successUrl) {
066        this.successUrl = successUrl;
067    }
068
069
070    /**
071     * Determines whether the current subject is authenticated.
072     * <p/>
073     * The default implementation {@link #getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse) acquires}
074     * the currently executing Subject and then returns
075     * {@link org.apache.shiro.subject.Subject#isAuthenticated() subject.isAuthenticated()};
076     *
077     * @return true if the subject is authenticated; false if the subject is unauthenticated
078     */
079    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
080        Subject subject = getSubject(request, response);
081        return subject.isAuthenticated();
082    }
083
084    /**
085     * Redirects to user to the previously attempted URL after a successful login.  This implementation simply calls
086     * <code>{@link org.apache.shiro.web.util.WebUtils WebUtils}.{@link WebUtils#redirectToSavedRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse, String) redirectToSavedRequest}</code>
087     * using the {@link #getSuccessUrl() successUrl} as the {@code fallbackUrl} argument to that call.
088     *
089     * @param request  the incoming request
090     * @param response the outgoing response
091     * @throws Exception if there is a problem redirecting.
092     */
093    protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
094        WebUtils.redirectToSavedRequest(request, response, getSuccessUrl());
095    }
096
097}