Overview  Package   Class  Use  Deprecated  Index
Home >> All >> net >> sf >> acegisecurity >> ui >> [ x509 overview ]	PREV CLASS  NEXT CLASS
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD	DETAIL: FIELD | CONSTR | METHOD

---

net.sf.acegisecurity.ui.x509
Class X509ProcessingFilter  

java.lang.Object
  net.sf.acegisecurity.ui.x509.X509ProcessingFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.InitializingBean

---

public class X509ProcessingFilter

extends java.lang.Object

implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean

Processes the X.509 certificate submitted by a client browser when HTTPS is used with client-authentication enabled.

An net.sf.acegisecurity.providers.x509.X509AuthenticationToken is created with the certificate as the credentials.

The configured authentication manager is expected to supply a provider which can handle this token (usually an instance of net.sf.acegisecurity.providers.x509.X509AuthenticationProvider).

Do not use this class directly. Instead configure web.xml to use the net.sf.acegisecurity.util.FilterToBeanProxy.

Version:

$Id: X509ProcessingFilter.java,v 1.5 2005/03/18 01:00:34 luke_t Exp $

---

Field Summary
private  net.sf.acegisecurity.AuthenticationManager	authenticationManager
private static org.apache.commons.logging.Log	logger

 

Constructor Summary

X509ProcessingFilter()

 

Method Summary
void	afterPropertiesSet()           Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware).
void	destroy()           Called by the web container to indicate to a filter that it is being taken out of service.
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)           This method first checks for an existing, non-null authentication in the secure context.
private  java.security.cert.X509Certificate	extractClientCertificate(javax.servlet.http.HttpServletRequest request)
void	init(javax.servlet.FilterConfig filterConfig)           Called by the web container to indicate to a filter that it is being placed into service.
void	setAuthenticationManager(net.sf.acegisecurity.AuthenticationManager authenticationManager)
protected  void	successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, net.sf.acegisecurity.Authentication authResult)           Puts the Authentication instance returned by the authentication manager into the secure context.
protected  void	unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, net.sf.acegisecurity.AuthenticationException failed)           Ensures the authentication object in the secure context is set to null when authentication fails.

 

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

logger

private static final org.apache.commons.logging.Log logger

---

authenticationManager

private net.sf.acegisecurity.AuthenticationManager authenticationManager

Constructor Detail

X509ProcessingFilter

public X509ProcessingFilter()

Method Detail

setAuthenticationManager

public void setAuthenticationManager(net.sf.acegisecurity.AuthenticationManager authenticationManager)

---

afterPropertiesSet

public void afterPropertiesSet()
                        throws java.lang.Exception

Description copied from interface: org.springframework.beans.factory.InitializingBean

Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware).

This method allows the bean instance to perform initialization only possible when all bean properties have been set and to throw an exception in the event of misconfiguration.

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

---

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain filterChain)
              throws java.io.IOException,
                     javax.servlet.ServletException

This method first checks for an existing, non-null authentication in the secure context. If one is found it does nothing.

If no authentication object exists, it attempts to obtain the client authentication certificate from the request. If there is no certificate present then authentication is skipped. Otherwise a new authentication request containing the certificate will be passed to the configured net.sf.acegisecurity.AuthenticationManager.

If authentication is successful the returned token will be stored in the secure context. Otherwise it will be set to null. In either case, the request proceeds through the filter chain.

Specified by:

doFilter in interface javax.servlet.Filter

---

extractClientCertificate

private java.security.cert.X509Certificate extractClientCertificate(javax.servlet.http.HttpServletRequest request)

---

successfulAuthentication

protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        net.sf.acegisecurity.Authentication authResult)
                                 throws java.io.IOException

Puts the Authentication instance returned by the authentication manager into the secure context.

---

unsuccessfulAuthentication

protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          net.sf.acegisecurity.AuthenticationException failed)

Ensures the authentication object in the secure context is set to null when authentication fails.

---

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Description copied from interface: javax.servlet.Filter

Called by the web container to indicate to a filter that it is being placed into service. The servlet container calls the init method exactly once after instantiating the filter. The init method must complete successfully before the filter is asked to do any filtering work.

The web container cannot place the filter into service if the init method either
1.Throws a ServletException
2.Does not return within a time period defined by the web container

Specified by:

init in interface javax.servlet.Filter

---

destroy

public void destroy()

Description copied from interface: javax.servlet.Filter

Called by the web container to indicate to a filter that it is being taken out of service. This method is only called once all threads within the filter's doFilter method have exited or after a timeout period has passed. After the web container calls this method, it will not call the doFilter method again on this instance of the filter.

This method gives the filter an opportunity to clean up any resources that are being held (for example, memory, file handles, threads) and make sure that any persistent state is synchronized with the filter's current state in memory.

Specified by:

destroy in interface javax.servlet.Filter

---

Overview  Package   Class  Use  Deprecated  Index
Home >> All >> net >> sf >> acegisecurity >> ui >> [ x509 overview ]	PREV CLASS  NEXT CLASS
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD	DETAIL: FIELD | CONSTR | METHOD

---