Interface PostAuthenticationFilter


public interface PostAuthenticationFilter
An interface defining the methods that must be implemented by a class to which post authentication filtering duties can be delegated.

For example, such a custom filter can ensure that clients can log in only from authorized computers by checking the client computers' IP addresses.

It can also be used to perform some kind of identity transformation, for example when the login identifier differs from the application identity.

It may be combined with username/password authentication and a custom login page if some additional information (besides the username and the password) needs to be collected from the user and validated or logged.

Since:
3.0
  • Method Details

    • init

      Initializes this PostAuthenticationFilter.

      The default implementation does nothing.

      Parameters:
      initContext - an initialization context containing parameters and other information that may be used by the implementing class
      Throws:
      PostAuthenticationFilterException - if the initialization failed
      Since:
      10.1
    • filter

      SecurityContext filter(SecurityContext securityContext, AuthenticationContext authContext)
      Applies a post-authentication filter to the provided SecurityContext argument. If the filter should block an authenticated user, it should return null.
      Parameters:
      securityContext - the SecurityContext object to be filtered
      authContext - the context in which the authentication takes place
      Returns:
      a transformed SecurityContext value, or null when the authentication attempt is blocked
      Since:
      3.0
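
The IP check mentioned in the interface description, as an added sketch that is not code from this API's documentation. The SecurityContext, AuthenticationContext and PostAuthenticationFilter declarations are local stand-ins so the file compiles alone, getRemoteAddress() is a hypothetical accessor, and the allow-list values are constructed.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.List;

// Local stand-ins (assumptions); in a deployment the real types come from the server API.
interface SecurityContext {}
interface AuthenticationContext {
    String getRemoteAddress(); // hypothetical accessor, not taken from the page
}
interface PostAuthenticationFilter {
    SecurityContext filter(SecurityContext securityContext, AuthenticationContext authContext);
}

public class IpAllowListFilter implements PostAuthenticationFilter {
    // Constructed sample allow-list in CIDR notation (documentation address ranges).
    private static final List<String> ALLOWED = List.of("192.0.2.0/24", "2001:db8::/32");

    @Override
    public SecurityContext filter(SecurityContext securityContext, AuthenticationContext authContext) {
        String remote = authContext.getRemoteAddress();
        for (String cidr : ALLOWED) {
            if (matches(cidr, remote)) {
                return securityContext; // allowed: pass the context through unchanged
            }
        }
        return null; // blocked: returning null rejects the authenticated user
    }

    // True when 'address' lies inside 'cidr'. Every parse problem counts as "no match" (fail closed).
    static boolean matches(String cidr, String address) {
        // getByName(null) yields loopback, so reject null and non-literal input before parsing.
        if (address == null || !address.matches("[0-9A-Fa-f:.]+")) return false;
        try {
            String[] parts = cidr.split("/");
            byte[] net = InetAddress.getByName(parts[0]).getAddress();
            byte[] ip = InetAddress.getByName(address).getAddress();
            int prefix = Integer.parseInt(parts[1]);
            if (net.length != ip.length || prefix < 0 || prefix > net.length * 8) return false;
            for (int bit = 0; bit < prefix; bit++) {
                int mask = 0x80 >> (bit % 8); // walk the prefix bit by bit, most significant first
                if ((net[bit / 8] & mask) != (ip[bit / 8] & mask)) return false;
            }
            return true;
        } catch (UnknownHostException | RuntimeException e) {
            return false; // malformed CIDR or address: do not admit the client
        }
    }
}
```

If the server sits behind a reverse proxy or load balancer, the address the filter sees may be the proxy's, so the allow-list has to be checked against an address source the client cannot set.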