Package | Description |
---|---|
org.forgerock.http.filter |
Core
Filter implementations. |
org.forgerock.http.filter.throttling |
This package contains the components used to implement a throttling rate support.
|
org.forgerock.http.handler |
Core
Handler implementations. |
org.forgerock.http.oauth2 |
This package provides APIs for OAuth 2.0 services implementations.
|
org.forgerock.http.routing |
Provides routing functionality for HTTP requests.
|
org.forgerock.http.swagger |
Classes to support OpenAPI API Descriptions using Swagger.
|
org.forgerock.openig.decoration.baseuri |
Contains a decorator which overrides the existing request URI, making requests relative to
a new base URI.
|
org.forgerock.openig.decoration.capture |
Capture decoration classes that prints filters and handlers input and output messages.
|
org.forgerock.openig.decoration.helper |
Contains an abstract decorator dedicated to Filter and Handler.
|
org.forgerock.openig.decoration.timer |
Contains a decorator that log time elapsed in a Filter or a Handler.
|
org.forgerock.openig.doc |
Files for the Sample Application used in the product documentation.
|
org.forgerock.openig.filter |
Filters the requests and/or responses of HTTP.
|
org.forgerock.openig.filter.oauth2.client |
OAuth 2.0 Client filter implementation.
|
org.forgerock.openig.openam |
Integration classes specifically for ForgeRock Access Management.
|
org.forgerock.openig.tools |
Common tools used in policy service.
|
org.forgerock.openig.uma |
This package contains the UMA (User Managed Access) components used to support the Uma Resource Server role.
|
org.forgerock.openig.websocket |
WebSocket proxy support.
|
Modifier and Type | Class and Description |
---|---|
class |
ConditionalFilter
This filter conditionally executes a delegate Filter given the result of a 'condition' function.
|
class |
CsrfFilter
A generic filter for preventing cross-site request forgery (CSRF) attacks when using cookie-based authentication.
|
class |
OptionsFilter
Filter which handles OPTION HTTP requests to CREST resources. |
class |
TransactionIdInboundFilter
This filter is responsible to create the
TransactionIdContext in the context's chain. |
class |
TransactionIdOutboundFilter
This filter aims to create a sub-transaction's id and inserts that value as a header of the request.
|
Modifier and Type | Method and Description |
---|---|
static Filter |
Filters.chainOf(Filter... filters)
Creates a
Filter which encapsulates the provided filters
into a single Filter . |
static Filter |
Filters.chainOf(List<Filter> filters)
Creates a
Filter which encapsulates the provided filters
into a single Filter . |
static Filter |
Filters.newDefaultCsrfFilter(String cookieName)
Creates a filter that protects against cross-site request forgery (CSRF) attacks when using cookies for
authentication.
|
static Filter |
Filters.newHttpBasicAuthenticationFilter(String username,
String password)
Creates an authentication
Filter that put a Basic Authorization
header in the request. |
static Filter |
Filters.newHttpBasicAuthenticationFilter(String username,
String password,
Charset charset)
Creates an authentication
Filter that put a Basic Authorization
header in the request. |
static Filter |
Filters.newOptionsFilter(String... allowedMethods)
Creates a
Filter which handles HTTP OPTIONS method requests. |
static Filter |
Filters.newSessionFilter(SessionManager sessionManager)
Creates a session
Filter that will use the provided
SessionManager to manage the users session. |
static Filter |
Filters.requestCopyFilter()
|
Modifier and Type | Method and Description |
---|---|
static Filter |
Filters.chainOf(Filter... filters)
Creates a
Filter which encapsulates the provided filters
into a single Filter . |
Modifier and Type | Method and Description |
---|---|
static Filter |
Filters.chainOf(List<Filter> filters)
Creates a
Filter which encapsulates the provided filters
into a single Filter . |
Constructor and Description |
---|
ConditionalFilter(Filter delegate,
AsyncFunction<ContextAndRequest,Boolean,Exception> condition)
Constructs a
ConditionalFilter . |
ConditionalFilter(Filter delegate,
boolean condition)
Constructs a
ConditionalFilter . |
Modifier and Type | Class and Description |
---|---|
class |
ThrottlingFilter
This filter applies a rate limitation to incoming requests : over the limit requests will be rejected with a 429
(Too Many Requests) response, others will pass through.
|
Modifier and Type | Method and Description |
---|---|
static DescribableHandler |
Handlers.chainOf(Handler handler,
Filter... filters)
Creates a
Handler which wraps the provided filters
around the provided target handler. |
static DescribableHandler |
Handlers.filtered(Handler handler,
Filter filter)
Creates a "filtered handler" instance.
|
Modifier and Type | Method and Description |
---|---|
static DescribableHandler |
Handlers.chainOf(Handler handler,
List<Filter> filters)
Creates a
Handler which wraps the provided filters
around the provided target handler. |
Modifier and Type | Class and Description |
---|---|
class |
ResourceServerFilter
Validates a
Request that contains an OAuth 2.0 access token. |
Modifier and Type | Class and Description |
---|---|
class |
ResourceApiVersionRoutingFilter
API Version routing filter which creates a
ApiVersionRouterContext
which contains the default routing behaviour when the
Accept-API-Version header is set on the request. |
Modifier and Type | Method and Description |
---|---|
static Filter |
RouteMatchers.resourceApiVersionContextFilter(ResourceApiVersionBehaviourManager behaviourManager)
Creates a
Filter which MUST be placed, in the route, before any
API Version routing takes place. |
Modifier and Type | Class and Description |
---|---|
class |
OpenApiRequestFilter
This filter looks for the query parameter {code _api} : if present then it returns the API description of the
downstream handlers, otherwise the request is processed as expected.
|
Modifier and Type | Method and Description |
---|---|
protected DecorationHandle |
BaseUriDecorator.decorateFilter(Filter delegate,
JsonValue decoratorConfig,
Context context) |
Modifier and Type | Method and Description |
---|---|
protected DecorationHandle |
CaptureDecorator.decorateFilter(Filter delegate,
JsonValue decoratorConfig,
Context context) |
Modifier and Type | Method and Description |
---|---|
protected abstract DecorationHandle |
AbstractHandlerAndFilterDecorator.decorateFilter(Filter delegate,
JsonValue decoratorConfig,
Context context)
|
Modifier and Type | Method and Description |
---|---|
protected DecorationHandle |
TimerDecorator.decorateFilter(Filter delegate,
JsonValue decoratorConfig,
Context context) |
Modifier and Type | Class and Description |
---|---|
class |
SampleFilter
Filter to set a header in the incoming request and in the outgoing response.
|
Modifier and Type | Class and Description |
---|---|
class |
AssignmentFilter
Conditionally assigns values to expressions before and after the request is handled.
|
class |
ConditionEnforcementFilter
An
ConditionEnforcementFilter makes sure that the handled Request verifies
a condition. |
class |
CookieFilter
Suppresses, relays and manages cookies.
|
class |
CryptoHeaderFilter
Encrypts and decrypts header fields.
|
class |
EntityExtractFilter
Extracts regular expression patterns from a message entity.
|
class |
FileAttributesFilter
Retrieves and exposes a record from a delimiter-separated file.
|
class |
HeaderFilter
Removes headers from and adds headers to a message.
|
class |
HttpAccessAuditFilter
This filter aims to send some access audit events to the AuditService managed as a CREST handler.
|
class |
HttpBasicAuthFilter
Performs authentication through the HTTP Basic authentication scheme.
|
class |
JwtBuilderFilter
The JwtBuilderFilter collects data from template
and puts the name-value pairs into a JWT structure.
|
class |
LocationHeaderFilter
Rewrites Location headers on responses that generate a redirect that would
take the user directly to the application being proxied rather than taking
the user through the Identity Gateway.
|
class |
LogAttachedExceptionFilter
A
LogAttachedExceptionFilter prints attached exceptions to filtered responses. |
class |
MdcRouteIdFilter
A
MdcRouteIdFilter aims to prepare the current thread with SLF4J MDC information about the current route. |
class |
RetryFilter
A
RetryFilter is responsible for re-executing the incoming request should it fail with a runtime
exception. |
class |
RuntimeExceptionFilter
This filter aims to guarantee the caller that it will always get a Response to process, even if the next
returns a promise completed with a
RuntimeException , or even if a RuntimeException is thrown. |
class |
ScriptableFilter
A scriptable filter.
|
class |
SqlAttributesFilter
Executes a SQL query through a prepared statement and exposes its first result.
|
class |
StaticRequestFilter
Creates a new request and send it down the next handler (effectively replacing the previous request).
|
class |
SwitchFilter
Conditionally diverts the request to another handler.
|
Modifier and Type | Class and Description |
---|---|
class |
ClientRegistrationFilter
The client registration filter is the way to dynamically register an OpenID
Connect Relying Party with the End-User's OpenID Provider.
|
class |
DiscoveryFilter
In order for an OpenID Connect Relying Party to utilize OpenID Connect
services for an End-User, the RP needs to know where the OpenID Provider is.
|
class |
OAuth2ClientFilter
A filter which is responsible for authenticating the end-user using OAuth 2.0
delegated authorization.
|
Modifier and Type | Class and Description |
---|---|
class |
AbstractConditionAdviceFilter
Abstract
Filter base class providing policy condition advice support. |
class |
CapturedUserPasswordFilter
The
CapturedUserPasswordFilter is responsible for retrieving the user password from
AM and to decrypt it. |
class |
CdSsoConditionAdviceFilter
This filter handles any condition advices returned from AM during a policy evaluation, which one will depend on
the policy.
|
class |
CrossDomainSingleSignOnFilter
This filter verifies the presence of a JWT authentication token in the configured cookie name:
If the JWT is present then its validity is checked and the request is forwarded to the next handler.
If the JWT is not present, then the user-agent is redirected to Access Management via its OAuth2
authorization endpoint, to obtain user authentication.
|
class |
DeprecatedUserProfileFilter
Deprecated.
Since 6.5. Prefer to use the
UserProfileFilter that does not require a SSO Token. |
class |
PolicyEnforcementFilter
This filter requests policy decisions from Access Management which evaluates the
original URI based on the context and the policies configured, and according
to the decisions, allows or denies the current request.
|
class |
SessionInfoFilter
This filter requests user session info from Access Management and stores it
on the context for later use.
|
class |
SingleSignOnFilter
This filter verifies the presence of a SSOToken in the given cookie name.
|
class |
TokenTransformationFilter
A
TokenTransformationFilter is responsible for transforming a token issued by Access Management
into a token of another type. |
class |
UserProfileFilter
This filter requests user profile attributes from Access Management and stores them in the context for later use.
|
Modifier and Type | Class and Description |
---|---|
class |
ApiVersionProtocolHeaderFilter
This filter overrides the protocol version in Accept-Api-Version header.
|
class |
HeadlessAuthenticationFilter
Provides an OpenAM SSO Token in the given header name for downstream components.
|
class |
InsertSsoTokenHeaderFilter
This filter is responsible to check that an @
InternalSsoTokenContext was defined in the context's chain and
to propagate the SSO token (potentially not valid) into the request as a header. |
Modifier and Type | Class and Description |
---|---|
class |
UmaResourceServerFilter
An
UmaResourceServerFilter implements a PEP (Policy Enforcement Point) and is responsible to ensure the
incoming requests (from requesting parties) all have a valid RPT (Request Party Token) with the required set of
scopes. |
Modifier and Type | Class and Description |
---|---|
class |
WebSocketProxyFilter
A
WebSocketProxyFilter detects WebSocket upgrade requests and, when found, connects
to the protected application using a dedicated tunnel. |
Copyright 2011-2017 ForgeRock AS.