Created
October 6, 2011 17:03
-
-
Save edalquist/1267964 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public class RemoteUserNexusSecureHttpAuthenticationFilter extends NexusSecureHttpAuthenticationFilter { | |
/* (non-Javadoc) | |
* @see org.apache.shiro.web.filter.authc.AuthenticatingFilter#createToken(java.lang.String, java.lang.String, javax.servlet.ServletRequest, javax.servlet.ServletResponse) | |
*/ | |
@Override | |
protected AuthenticationToken createToken(String username, String password, ServletRequest request, ServletResponse response) { | |
final HttpServletRequest httpServletRequest = (HttpServletRequest)request; | |
final String remoteUser = httpServletRequest.getRemoteUser(); | |
if (remoteUser != null) { | |
return new RemoteUserAuthenticationToken(remoteUser); | |
} | |
//Fall back to normal auth | |
return super.createToken(username, password, request, response); | |
} | |
} | |
public class RemoteUserAuthenticationToken implements AuthenticationToken { | |
private final String remoteUser; | |
public RemoteUserAuthenticationToken(String remoteUser) { | |
this.remoteUser = remoteUser; | |
} | |
public String getRemoteUser() { | |
return remoteUser; | |
} | |
/* (non-Javadoc) | |
* @see org.apache.shiro.authc.AuthenticationToken#getPrincipal() | |
*/ | |
@Override | |
public Object getPrincipal() { | |
return getRemoteUser(); | |
} | |
/* (non-Javadoc) | |
* @see org.apache.shiro.authc.AuthenticationToken#getCredentials() | |
*/ | |
@Override | |
public Object getCredentials() { | |
// RemoteUser auth never has credentials | |
return null; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment