|
|||||||||
| Home >> All >> net >> sf >> acegisecurity >> intercept >> [ web overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
net.sf.acegisecurity.intercept.web
Class SecurityEnforcementFilter
java.lang.Objectnet.sf.acegisecurity.intercept.web.SecurityEnforcementFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.springframework.beans.factory.InitializingBean
- public class SecurityEnforcementFilter
- extends java.lang.Object
- implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean
- extends java.lang.Object
Wraps requests to the FilterSecurityInterceptor.
This filter is necessary because it provides the bridge between incoming
requests and the FilterSecurityInterceptor instance.
If an net.sf.acegisecurity.AuthenticationException is detected, the filter will launch the
authenticationEntryPoint. This allows common handling of
authentication failures originating from any subclass of net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.
If an net.sf.acegisecurity.AccessDeniedException is detected, the filter will determine
whether or not the user is an anonymous user. If they are an anonymous
user, the authenticationEntryPoint will be launched. If they
are not an anonymous user, the filter will respond with a
HttpServletResponse.SC_FORBIDDEN (403 error). In addition,
the AccessDeniedException itself will be placed in the
HttpSession attribute keyed against ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY 55 (to allow access to the stack
trace etc). Again, this allows common access denied handling irrespective
of the originating security interceptor.
To use this filter, it is necessary to specify the following properties:
-
filterSecurityInterceptorindicates theFilterSecurityInterceptorto delegate HTTP security decisions to. -
authenticationEntryPointindicates the handler that should commence the authentication process if anAuthenticationExceptionis detected. Note that this may also switch the current protocol from http to https for an SSL login. -
portResolveris used to determine the "real" port that a request was received on.
Do not use this class directly. Instead configure
web.xml to use the net.sf.acegisecurity.util.FilterToBeanProxy.
- Version:
- $Id: SecurityEnforcementFilter.java,v 1.16 2005/03/16 16:57:28 luke_t Exp $
| Constructor Summary | |
SecurityEnforcementFilter()
|
|
| Method Summary | |
void |
afterPropertiesSet()
Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware). |
void |
destroy()
Called by the web container to indicate to a filter that it is being taken out of service. |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
The doFilter method of the Filter is called by the container
each time a request/response pair is passed through the chain due
to a client request for a resource at the end of the chain. |
AuthenticationEntryPoint |
getAuthenticationEntryPoint()
|
net.sf.acegisecurity.AuthenticationTrustResolver |
getAuthenticationTrustResolver()
|
FilterSecurityInterceptor |
getFilterSecurityInterceptor()
|
net.sf.acegisecurity.util.PortResolver |
getPortResolver()
|
void |
init(javax.servlet.FilterConfig filterConfig)
Called by the web container to indicate to a filter that it is being placed into service. |
protected void |
sendAccessDeniedError(FilterInvocation fi,
net.sf.acegisecurity.AccessDeniedException accessDenied)
|
protected void |
sendStartAuthentication(FilterInvocation fi,
net.sf.acegisecurity.AuthenticationException reason)
|
void |
setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint)
|
void |
setAuthenticationTrustResolver(net.sf.acegisecurity.AuthenticationTrustResolver authenticationTrustResolver)
|
void |
setFilterSecurityInterceptor(FilterSecurityInterceptor filterSecurityInterceptor)
|
void |
setPortResolver(net.sf.acegisecurity.util.PortResolver portResolver)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
logger
private static final org.apache.commons.logging.Log logger
ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY
public static final java.lang.String ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY
- See Also:
- Constant Field Values
authenticationEntryPoint
private AuthenticationEntryPoint authenticationEntryPoint
authenticationTrustResolver
private net.sf.acegisecurity.AuthenticationTrustResolver authenticationTrustResolver
filterSecurityInterceptor
private FilterSecurityInterceptor filterSecurityInterceptor
portResolver
private net.sf.acegisecurity.util.PortResolver portResolver
| Constructor Detail |
SecurityEnforcementFilter
public SecurityEnforcementFilter()
| Method Detail |
setAuthenticationEntryPoint
public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint)
getAuthenticationEntryPoint
public AuthenticationEntryPoint getAuthenticationEntryPoint()
setAuthenticationTrustResolver
public void setAuthenticationTrustResolver(net.sf.acegisecurity.AuthenticationTrustResolver authenticationTrustResolver)
getAuthenticationTrustResolver
public net.sf.acegisecurity.AuthenticationTrustResolver getAuthenticationTrustResolver()
setFilterSecurityInterceptor
public void setFilterSecurityInterceptor(FilterSecurityInterceptor filterSecurityInterceptor)
getFilterSecurityInterceptor
public FilterSecurityInterceptor getFilterSecurityInterceptor()
setPortResolver
public void setPortResolver(net.sf.acegisecurity.util.PortResolver portResolver)
getPortResolver
public net.sf.acegisecurity.util.PortResolver getPortResolver()
afterPropertiesSet
public void afterPropertiesSet()
throws java.lang.Exception
- Description copied from interface:
org.springframework.beans.factory.InitializingBean - Invoked by a BeanFactory after it has set all bean properties supplied
(and satisfied BeanFactoryAware and ApplicationContextAware).
This method allows the bean instance to perform initialization only possible when all bean properties have been set and to throw an exception in the event of misconfiguration.
- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean
destroy
public void destroy()
- Description copied from interface:
javax.servlet.Filter - Called by the web container to indicate to a filter that it is being taken out of service. This
method is only called once all threads within the filter's doFilter method have exited or after
a timeout period has passed. After the web container calls this method, it will not call the
doFilter method again on this instance of the filter.
This method gives the filter an opportunity to clean up any resources that are being held (for example, memory, file handles, threads) and make sure that any persistent state is synchronized with the filter's current state in memory.- Specified by:
destroyin interfacejavax.servlet.Filter
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
- Description copied from interface:
javax.servlet.Filter - The
doFiltermethod of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed in to this method allows the Filter to pass on the request and response to the next entity in the chain.A typical implementation of this method would follow the following pattern:-
1. Examine the request
2. Optionally wrap the request object with a custom implementation to filter content or headers for input filtering
3. Optionally wrap the response object with a custom implementation to filter content or headers for output filtering
4. a) Either invoke the next entity in the chain using the FilterChain object (chain.doFilter()),
4. b) or not pass on the request/response pair to the next entity in the filter chain to block the request processing
5. Directly set headers on the response after invocation of the next entity in the filter chain.- Specified by:
doFilterin interfacejavax.servlet.Filter
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
- Description copied from interface:
javax.servlet.Filter - Called by the web container to indicate to a filter that it is being placed into
service. The servlet container calls the init method exactly once after instantiating the
filter. The init method must complete successfully before the filter is asked to do any
filtering work.
The web container cannot place the filter into service if the init method either
1.Throws a ServletException
2.Does not return within a time period defined by the web container- Specified by:
initin interfacejavax.servlet.Filter
sendAccessDeniedError
protected void sendAccessDeniedError(FilterInvocation fi, net.sf.acegisecurity.AccessDeniedException accessDenied) throws javax.servlet.ServletException, java.io.IOException
sendStartAuthentication
protected void sendStartAuthentication(FilterInvocation fi, net.sf.acegisecurity.AuthenticationException reason) throws javax.servlet.ServletException, java.io.IOException
|
|||||||||
| Home >> All >> net >> sf >> acegisecurity >> intercept >> [ web overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||