001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.web.servlet;
020
021import org.apache.shiro.web.env.WebEnvironment;
022import org.apache.shiro.web.filter.mgt.FilterChainResolver;
023import org.apache.shiro.web.util.WebUtils;
024
025/**
026 * Primary Shiro Filter for web applications configuring Shiro via Servlet <listener> in web.xml.
027 * <p/>
028 * As of Shiro 1.2, this is Shiro's preferred filter for {@code web.xml} configuration.  It expects the presence of a
029 * Shiro {@link org.apache.shiro.web.env.WebEnvironment WebEnvironment} in the {@code ServletContext}, also
030 * configured via {@code web.xml}.
031 * <h2>Usage</h2>
032 * As this Filter expects an available {@link org.apache.shiro.web.env.WebEnvironment WebEnvironment} instance to
033 * be configured, it must be defined in {@code web.xml} with the companion
034 * {@link org.apache.shiro.web.env.EnvironmentLoaderListener EnvironmentLoaderListener}, which performs the necessary
035 * environment setup.  For example:
036 * <pre>
037 * &lt;listener&gt;
038 *     &lt;listener-class&gt;{@link org.apache.shiro.web.env.EnvironmentLoaderListener}&lt;/listener-class&gt;
039 * &lt;/listener&gt;
040 * ...
041 * &lt;filter&gt;
042 *     &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
043 *     &lt;filter-class&gt;org.apache.shiro.web.servlet.ShiroFilter&lt;/filter-class&gt;
044 * &lt;/filter&gt;
045 *
046 * &lt;-- Filter all web requests.  This filter mapping is typically declared
047 *     before all others to ensure any other filters are secured as well: --&gt;
048 * &lt;filter-mapping&gt;
049 *     &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
050 *     &lt;url-pattern&gt;/*&lt;/url-pattern&gt;
051 * &lt;/filter-mapping&gt;
052 * </pre>
053 * Configuration options (configuration file paths, etc) are specified as part of the
054 * {@code EnvironmentLoaderListener} configuration.  See the
055 * {@link org.apache.shiro.web.env.EnvironmentLoader EnvironmentLoader} JavaDoc for configuration options.
056 *
057 * @see org.apache.shiro.web.env.EnvironmentLoader EnvironmentLoader
058 * @see org.apache.shiro.web.env.EnvironmentLoaderListener EnvironmentLoaderListener
059 * @see <a href="http://shiro.apache.org/web.html">Apache Shiro Web Documentation</a>
060 * @since 1.2
061 */
062public class ShiroFilter extends AbstractShiroFilter {
063
064    /**
065     * Configures this instance based on the existing {@link org.apache.shiro.web.env.WebEnvironment} instance
066     * available to the currently accessible {@link #getServletContext() servletContext}.
067     *
068     * @see org.apache.shiro.web.env.EnvironmentLoaderListener
069     * @since 1.2
070     */
071    @Override
072    public void init() throws Exception {
073        WebEnvironment env = WebUtils.getRequiredWebEnvironment(getServletContext());
074
075        setSecurityManager(env.getWebSecurityManager());
076
077        FilterChainResolver resolver = env.getFilterChainResolver();
078        if (resolver != null) {
079            setFilterChainResolver(resolver);
080        }
081    }
082}