Filter that verifies that the WikiEngine is running, and sets the authentication status for the user's WikiSession. Each HTTP request processed by this filter is wrapped by a WikiRequestWrapper. The wrapper's primary responsibility is to return the correct userPrincipal and remoteUser for authenticated JSPWiki users (whether authenticated by container or by JSPWiki's custom system).
The wrapper's other responsibility is to incorporate JSPWiki built-in roles into the role-checking algorithm for HttpServletRequest#isUserInRole(String). Just before the request is wrapped, the method org.apache.wiki.auth.AuthenticationManager#login(HttpServletRequest) executes; this method contains all of the logic needed to grab any user login credentials set by the container or by cookies.