Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.remoting.rmi
Class ContextPropagatingRemoteInvocation

java.lang.Object
  extended by org.springframework.remoting.support.RemoteInvocation
      extended by org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
All Implemented Interfaces:
Serializable
public class ContextPropagatingRemoteInvocation
extends RemoteInvocation

The actual RemoteInvocation that is passed from the client to the server, which contains the contents of SecurityContextHolder, being a SecurityContext object.

When constructed on the client via ContextPropagatingRemoteInvocationFactory, the contents of the SecurityContext are stored inside the object. The object is then passed to the server that is processing the remote invocation. Upon the server invoking the remote invocation, it will retrieve the passed contents of the SecurityContextHolder and set them on the server-side SecurityContextHolder while the target object is invoked. When the target invocation has been completed, the security context will be cleared using a call to SecurityContextHolder.clearContext().

Version:
$Id: ContextPropagatingRemoteInvocation.java 3550 2009-04-13 13:43:23Z ltaylor $
Author:
James Monaghan, Ben Alex
See Also:
Serialized Form

Constructor Summary
ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
          Constructs the object, storing the value of the client-side SecurityContextHolder inside the object.
 
Method Summary
 Object invoke(Object targetObject)
          Invoked on the server-side as described in the class JavaDocs.
 
Methods inherited from class org.springframework.remoting.support.RemoteInvocation
addAttribute, getArguments, getAttribute, getAttributes, getMethodName, getParameterTypes, setArguments, setAttributes, setMethodName, setParameterTypes, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ContextPropagatingRemoteInvocation

public ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
Constructs the object, storing the value of the client-side SecurityContextHolder inside the object.

Parameters:
methodInvocation - the method to invoke
Method Detail

invoke

public Object invoke(Object targetObject)
              throws NoSuchMethodException,
                     IllegalAccessException,
                     InvocationTargetException
Invoked on the server-side as described in the class JavaDocs.

Invocations will always have their Authentication.setAuthenticated(boolean) set to false, which is guaranteed to always be accepted by Authentication implementations. This ensures that even remotely authenticated Authentications will be untrusted by the server-side, which is an appropriate security measure.

Overrides:
invoke in class RemoteInvocation
Parameters:
targetObject - the target object to apply the invocation to
Returns:
the invocation result
Throws:
NoSuchMethodException - if the method name could not be resolved
IllegalAccessException - if the method could not be accessed
InvocationTargetException - if the method invocation resulted in an exception
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2009 SpringSource, Inc. All Rights Reserved.