001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.web.servlet;
020    
021    import org.apache.shiro.web.env.WebEnvironment;
022    import org.apache.shiro.web.filter.mgt.FilterChainResolver;
023    import org.apache.shiro.web.util.WebUtils;
024    
025    /**
026     * Primary Shiro Filter for web applications configuring Shiro via Servlet <listener> in web.xml.
027     * <p/>
028     * As of Shiro 1.2, this is Shiro's preferred filter for {@code web.xml} configuration.  It expects the presence of a
029     * Shiro {@link org.apache.shiro.web.env.WebEnvironment WebEnvironment} in the {@code ServletContext}, also
030     * configured via {@code web.xml}.
031     * <h2>Usage</h2>
032     * As this Filter expects an available {@link org.apache.shiro.web.env.WebEnvironment WebEnvironment} instance to
033     * be configured, it must be defined in {@code web.xml} with the companion
034     * {@link org.apache.shiro.web.env.EnvironmentLoaderListener EnvironmentLoaderListener}, which performs the necessary
035     * environment setup.  For example:
036     * <pre>
037     * &lt;listener&gt;
038     *     &lt;listener-class&gt;{@link org.apache.shiro.web.env.EnvironmentLoaderListener}&lt;/listener-class&gt;
039     * &lt;/listener&gt;
040     * ...
041     * &lt;filter&gt;
042     *     &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
043     *     &lt;filter-class&gt;org.apache.shiro.web.servlet.ShiroFilter&lt;/filter-class&gt;
044     * &lt;/filter&gt;
045     *
046     * &lt;-- Filter all web requests.  This filter mapping is typically declared
047     *     before all others to ensure any other filters are secured as well: --&gt;
048     * &lt;filter-mapping&gt;
049     *     &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
050     *     &lt;url-pattern&gt;/*&lt;/url-pattern&gt;
051     * &lt;/filter-mapping&gt;
052     * </pre>
053     * Configuration options (configuration file paths, etc) are specified as part of the
054     * {@code EnvironmentLoaderListener} configuration.  See the
055     * {@link org.apache.shiro.web.env.EnvironmentLoader EnvironmentLoader} JavaDoc for configuration options.
056     *
057     * @see org.apache.shiro.web.env.EnvironmentLoader EnvironmentLoader
058     * @see org.apache.shiro.web.env.EnvironmentLoaderListener EnvironmentLoaderListener
059     * @see <a href="http://shiro.apache.org/web.html">Apache Shiro Web Documentation</a>
060     * @since 1.2
061     */
062    public class ShiroFilter extends AbstractShiroFilter {
063    
064        /**
065         * Configures this instance based on the existing {@link org.apache.shiro.web.env.WebEnvironment} instance
066         * available to the currently accessible {@link #getServletContext() servletContext}.
067         *
068         * @see org.apache.shiro.web.env.EnvironmentLoaderListener
069         * @since 1.2
070         */
071        @Override
072        public void init() throws Exception {
073            WebEnvironment env = WebUtils.getRequiredWebEnvironment(getServletContext());
074    
075            setSecurityManager(env.getWebSecurityManager());
076    
077            FilterChainResolver resolver = env.getFilterChainResolver();
078            if (resolver != null) {
079                setFilterChainResolver(resolver);
080            }
081        }
082    }