AbstractPreAuthenticatedProcessingFilter (Spring Security 2.0.6.RELEASE API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Spring Security Framework

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.ui.preauth
Class AbstractPreAuthenticatedProcessingFilter

java.lang.Object
  org.springframework.security.ui.SpringSecurityFilter
      org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter

All Implemented Interfaces:: Filter, InitializingBean, ApplicationEventPublisherAware, Ordered

Direct Known Subclasses:: J2eePreAuthenticatedProcessingFilter, RequestHeaderPreAuthenticatedProcessingFilter, WebSpherePreAuthenticatedProcessingFilter, X509PreAuthenticatedProcessingFilter

public abstract class AbstractPreAuthenticatedProcessingFilter
extends SpringSecurityFilter
implements InitializingBean, ApplicationEventPublisherAware
extends SpringSecurityFilter
implements InitializingBean, ApplicationEventPublisherAware

Base class for processing filters that handle pre-authenticated authentication requests. Subclasses must implement the getPreAuthenticatedPrincipal() and getPreAuthenticatedCredentials() methods.

By default, the filter chain will proceed when an authentication attempt fails in order to allow other authentication mechanisms to process the request. To reject the credentials immediately, set the continueFilterChainOnUnsuccessfulAuthentication flag to false. The exception raised by the AuthenticationManager will the be re-thrown. Note that this will not affect cases where the principal returned by getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest) is null, when the chain will still proceed as normal.

Since:: 2.0
Author:: Luke Taylor, Ruud Senden

Field Summary

Fields inherited from class org.springframework.security.ui.SpringSecurityFilter
`logger`

Fields inherited from interface org.springframework.core.Ordered
`HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE`

Constructor Summary
`AbstractPreAuthenticatedProcessingFilter()`

Method Summary
`void`	`afterPropertiesSet()` Check whether all required properties have been set.
`void`	`doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)` Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
`protected abstract Object`	`getPreAuthenticatedCredentials(HttpServletRequest request)` Override to extract the credentials (if applicable) from the current request.
`protected abstract Object`	`getPreAuthenticatedPrincipal(HttpServletRequest request)` Override to extract the principal information from the current request
`void`	`setApplicationEventPublisher(ApplicationEventPublisher anApplicationEventPublisher)`
`void`	`setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)`
`void`	`setAuthenticationManager(AuthenticationManager authenticationManager)`
`void`	`setContinueFilterChainOnUnsuccessfulAuthentication(boolean shouldContinue)`
`protected void`	`successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult)` Puts the `Authentication` instance returned by the authentication manager into the secure context.
`protected void`	`unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed)` Ensures the authentication object in the secure context is set to null when authentication fails.

Methods inherited from class org.springframework.security.ui.SpringSecurityFilter
`destroy, doFilter, init, toString`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Methods inherited from interface org.springframework.core.Ordered
`getOrder`

Constructor Detail