commit 894ae4d6f2cc5ad31375de44278e480fc29cd597
author mentiro <dev-null@apache.org> Thu Jul 24 22:03:52 2008 +0000
committer mentiro <dev-null@apache.org> Thu Jul 24 22:03:52 2008 +0000
tree 8257db74fdb1f846ddef4f926917aaaf23ace7f3
parent 8e69b634c800e69e37024b7151eee7f37d5d6722

Updates to authc filter javadoc.

git-svn-id: https://svn.apache.org/repos/asf/incubator/jsecurity/trunk@711015 13f79535-47bb-0310-9956-ffa450edef68

src/org/jsecurity/web/filter/authc/FormAuthenticationFilter.java

diff --git a/src/org/jsecurity/web/filter/authc/FormAuthenticationFilter.java b/src/org/jsecurity/web/filter/authc/FormAuthenticationFilter.java
index 279249b..0c935d2 100644
--- a/src/org/jsecurity/web/filter/authc/FormAuthenticationFilter.java
+++ b/src/org/jsecurity/web/filter/authc/FormAuthenticationFilter.java
@@ -38,9 +38,20 @@
  * an i18n key or lookup mechanism that can then  be used to show the user why their login attempt failed
  * (e.g. no account, incorrect password, etc).
  *
+ * <p>This controller calls {@link org.jsecurity.subject.Subject#login(org.jsecurity.authc.AuthenticationToken)} with
+ * the values of the username, password, and remember me request parameters.  By default these are "username", "password",
+ * and "rememberMe" but can be customized via the appropriate properties.  By default, this login call occurs whenever
+ * the request is for the {@link #loginUrl} and it is a POST.  This determination can be overridden by subclasses
+ * by overridding the {@link #isLoginSubmission(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} method.
+ *
+ * <p>If you would prefer to handle the authentication validation and login in your own code, consider using the
+ * {@link org.jsecurity.web.filter.authc.PassThruAuthenticationFilter} instead, which allows requests to the
+ * {@link #loginUrl} to pass through to your application's code.
+ *
  * @author Les Hazlewood
  * @author Jeremy Haile
  * @since 0.9
+ * @see org.jsecurity.web.filter.authc.PassThruAuthenticationFilter
  */
 public class FormAuthenticationFilter extends AuthenticationFilter {
 

src/org/jsecurity/web/filter/authc/PassThruAuthenticationFilter.java

diff --git a/src/org/jsecurity/web/filter/authc/PassThruAuthenticationFilter.java b/src/org/jsecurity/web/filter/authc/PassThruAuthenticationFilter.java
index e8bc9d3..f7f4e9c 100644
--- a/src/org/jsecurity/web/filter/authc/PassThruAuthenticationFilter.java
+++ b/src/org/jsecurity/web/filter/authc/PassThruAuthenticationFilter.java
@@ -31,7 +31,7 @@
  * user by passing the "username" and "password" request parameter values to
  * {@link org.jsecurity.subject.Subject#login(org.jsecurity.authc.AuthenticationToken)}.
  * <p/>
- * This controller always passes all requests to the login URL through, both GETs and POSTs.
+ * This controller always passes all requests to the {@link #loginUrl} through, both GETs and POSTs.
  * This is useful in cases where the developer
  * wants to write their own login behavior, which should include a call to
  * {@link org.jsecurity.subject.Subject#login(org.jsecurity.authc.AuthenticationToken)} at some point.  For example,