|
|||||||||
| Home >> All >> org >> acegisecurity >> ui >> [ x509 overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
org.acegisecurity.ui.x509
Class X509ProcessingFilter
java.lang.Objectorg.acegisecurity.ui.x509.X509ProcessingFilter
- All Implemented Interfaces:
- org.springframework.context.ApplicationEventPublisherAware, javax.servlet.Filter, org.springframework.beans.factory.InitializingBean
- public class X509ProcessingFilter
- extends java.lang.Object
- implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware
- extends java.lang.Object
Processes the X.509 certificate submitted by a client browser when HTTPS is used with client-authentication enabled.
An org.acegisecurity.providers.x509.X509AuthenticationToken is created with the certificate as the credentials.
The configured authentication manager is expected to supply a provider which can handle this token (usually an instance of org.acegisecurity.providers.x509.X509AuthenticationProvider).
If authentication is successful, an org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent will be
published to the application context. No events will be published if
authentication was unsuccessful, because this would generally be recorded
via an AuthenticationManager-specific application event.
Do not use this class directly. Instead configure
web.xml to use the org.acegisecurity.util.FilterToBeanProxy.
- Version:
- $Id: X509ProcessingFilter.java,v 1.13 2005/11/17 00:56:28 benalex Exp $
| Field Summary | |
private org.acegisecurity.AuthenticationManager |
authenticationManager
|
private org.springframework.context.ApplicationEventPublisher |
eventPublisher
|
private static org.apache.commons.logging.Log |
logger
|
| Constructor Summary | |
X509ProcessingFilter()
|
|
| Method Summary | |
void |
afterPropertiesSet()
Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware). |
void |
destroy()
Called by the web container to indicate to a filter that it is being taken out of service. |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain filterChain)
This method first checks for an existing, non-null authentication in the secure context. |
private java.security.cert.X509Certificate |
extractClientCertificate(javax.servlet.http.HttpServletRequest request)
|
void |
init(javax.servlet.FilterConfig ignored)
Called by the web container to indicate to a filter that it is being placed into service. |
void |
setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher context)
Set the ApplicationEventPublisher that this object runs in. |
void |
setAuthenticationManager(org.acegisecurity.AuthenticationManager authenticationManager)
|
protected void |
successfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.acegisecurity.Authentication authResult)
Puts the Authentication instance returned by the
authentication manager into the secure context. |
protected void |
unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.acegisecurity.AuthenticationException failed)
Ensures the authentication object in the secure context is set to null when authentication fails. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
logger
private static final org.apache.commons.logging.Log logger
eventPublisher
private org.springframework.context.ApplicationEventPublisher eventPublisher
authenticationManager
private org.acegisecurity.AuthenticationManager authenticationManager
| Constructor Detail |
X509ProcessingFilter
public X509ProcessingFilter()
| Method Detail |
setApplicationEventPublisher
public void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher context)
- Description copied from interface:
org.springframework.context.ApplicationEventPublisherAware - Set the ApplicationEventPublisher that this object runs in.
Invoked after population of normal bean properties but before an init callback like InitializingBean's afterPropertiesSet or a custom init-method. Invoked before ApplicationContextAware's setApplicationContext.
- Specified by:
setApplicationEventPublisherin interfaceorg.springframework.context.ApplicationEventPublisherAware
setAuthenticationManager
public void setAuthenticationManager(org.acegisecurity.AuthenticationManager authenticationManager)
afterPropertiesSet
public void afterPropertiesSet()
throws java.lang.Exception
- Description copied from interface:
org.springframework.beans.factory.InitializingBean - Invoked by a BeanFactory after it has set all bean properties supplied
(and satisfied BeanFactoryAware and ApplicationContextAware).
This method allows the bean instance to perform initialization only possible when all bean properties have been set and to throw an exception in the event of misconfiguration.
- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean
destroy
public void destroy()
- Description copied from interface:
javax.servlet.Filter - Called by the web container to indicate to a filter that it is being taken out of service. This
method is only called once all threads within the filter's doFilter method have exited or after
a timeout period has passed. After the web container calls this method, it will not call the
doFilter method again on this instance of the filter.
This method gives the filter an opportunity to clean up any resources that are being held (for example, memory, file handles, threads) and make sure that any persistent state is synchronized with the filter's current state in memory.- Specified by:
destroyin interfacejavax.servlet.Filter
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletException
- This method first checks for an existing, non-null authentication in the
secure context. If one is found it does nothing.
If no authentication object exists, it attempts to obtain the client authentication certificate from the request. If there is no certificate present then authentication is skipped. Otherwise a new authentication request containing the certificate will be passed to the configured org.acegisecurity.AuthenticationManager.
If authentication is successful the returned token will be stored in the secure context. Otherwise it will be set to null. In either case, the request proceeds through the filter chain.
- Specified by:
doFilterin interfacejavax.servlet.Filter
init
public void init(javax.servlet.FilterConfig ignored) throws javax.servlet.ServletException
- Description copied from interface:
javax.servlet.Filter - Called by the web container to indicate to a filter that it is being placed into
service. The servlet container calls the init method exactly once after instantiating the
filter. The init method must complete successfully before the filter is asked to do any
filtering work.
The web container cannot place the filter into service if the init method either
1.Throws a ServletException
2.Does not return within a time period defined by the web container- Specified by:
initin interfacejavax.servlet.Filter
successfulAuthentication
protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.acegisecurity.Authentication authResult) throws java.io.IOException
- Puts the
Authenticationinstance returned by the authentication manager into the secure context.
unsuccessfulAuthentication
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.acegisecurity.AuthenticationException failed)
- Ensures the authentication object in the secure context is set to null
when authentication fails.
extractClientCertificate
private java.security.cert.X509Certificate extractClientCertificate(javax.servlet.http.HttpServletRequest request)
|
|||||||||
| Home >> All >> org >> acegisecurity >> ui >> [ x509 overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||