java.lang.Object
org.acegisecurity.intercept.AbstractSecurityInterceptor
org.acegisecurity.intercept.web.FilterSecurityInterceptor
- All Implemented Interfaces:
- org.springframework.context.ApplicationEventPublisherAware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
- public class FilterSecurityInterceptor
- extends org.acegisecurity.intercept.AbstractSecurityInterceptor
Performs security handling of HTTP resources via a filter implementation.
End users should only use this class to configure their HTTP security
configuration in an application context. They should not attempt to
invoke the FilterSecurityInterceptor except as a standard bean
registration in an application context. At runtime, this class will provide
services to web applications via the SecurityEnforcementFilter.
The ObjectDefinitionSource required by this security
interceptor is of type FilterInvocationDefinitionSource.
Refer to org.acegisecurity.intercept.AbstractSecurityInterceptor for details on the workflow.
- Version:
- $Id: FilterSecurityInterceptor.java,v 1.6 2005/11/17 00:55:50 benalex Exp $
| Methods inherited from class org.acegisecurity.intercept.AbstractSecurityInterceptor |
afterInvocation, afterPropertiesSet, beforeInvocation, getAccessDecisionManager, getAfterInvocationManager, getAuthenticationManager, getRunAsManager, isAlwaysReauthenticate, isRejectPublicInvocations, isValidateConfigAttributes, setAccessDecisionManager, setAfterInvocationManager, setAlwaysReauthenticate, setApplicationEventPublisher, setAuthenticationManager, setMessageSource, setRejectPublicInvocations, setRunAsManager, setValidateConfigAttributes |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
FILTER_APPLIED
private static final java.lang.String FILTER_APPLIED
- See Also:
- Constant Field Values
objectDefinitionSource
private FilterInvocationDefinitionSource objectDefinitionSource
observeOncePerRequest
private boolean observeOncePerRequest
FilterSecurityInterceptor
public FilterSecurityInterceptor()
setObjectDefinitionSource
public void setObjectDefinitionSource(FilterInvocationDefinitionSource newSource)
getObjectDefinitionSource
public FilterInvocationDefinitionSource getObjectDefinitionSource()
setObserveOncePerRequest
public void setObserveOncePerRequest(boolean observeOncePerRequest)
isObserveOncePerRequest
public boolean isObserveOncePerRequest()
- Indicates whether once-per-request handling will be observed. By default
this is
true, meaning the
FilterSecurityInterceptor will only execute
once-per-request. Sometimes users may wish it to execute more than once
per request, such as when JSP forwards are being used and filter
security is desired on each included fragment of the HTTP request.
getSecureObjectClass
public java.lang.Class getSecureObjectClass()
- Description copied from class:
org.acegisecurity.intercept.AbstractSecurityInterceptor
- Indicates the type of secure objects the subclass will be presenting
to the abstract parent for processing. This is used to ensure
collaborators wired to the
AbstractSecurityInterceptor
all support the indicated secure object class.
invoke
public void invoke(FilterInvocation fi)
throws java.lang.Throwable
obtainObjectDefinitionSource
public org.acegisecurity.intercept.ObjectDefinitionSource obtainObjectDefinitionSource()
JAVADOC | 
SOURCE | 
DOWNLOAD | NESTED | FIELD | CONSTR | METHOD