Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.web.context
Class SaveContextOnUpdateOrErrorResponseWrapper

java.lang.Object
  extended by javax.servlet.ServletResponseWrapper
      extended by javax.servlet.http.HttpServletResponseWrapper
          extended by org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
All Implemented Interfaces:
javax.servlet.http.HttpServletResponse, javax.servlet.ServletResponse
public abstract class SaveContextOnUpdateOrErrorResponseWrapper
extends javax.servlet.http.HttpServletResponseWrapper

Base class for response wrappers which encapsulate the logic for storing a security context and which store the with the SecurityContext when a sendError() or sendRedirect happens. See issue SEC-398.

Sub-classes should implement the saveContext(SecurityContext context) method.

Support is also provided for disabling URL rewriting

Since:
3.0

Field Summary
 
Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
 
Constructor Summary
SaveContextOnUpdateOrErrorResponseWrapper(javax.servlet.http.HttpServletResponse response, boolean disableUrlRewriting)
           
 
Method Summary
 java.lang.String encodeRedirectUrl(java.lang.String url)
           
 java.lang.String encodeRedirectURL(java.lang.String url)
           
 java.lang.String encodeUrl(java.lang.String url)
           
 java.lang.String encodeURL(java.lang.String url)
           
 boolean isContextSaved()
          Tells if the response wrapper has called saveContext() because of an error or redirect.
protected abstract  void saveContext(SecurityContext context)
          Implements the logic for storing the security context.
 void sendError(int sc)
          Makes sure the session is updated before calling the superclass sendError()
 void sendError(int sc, java.lang.String msg)
          Makes sure the session is updated before calling the superclass sendError()
 void sendRedirect(java.lang.String location)
          Makes sure the context is stored before calling the superclass sendRedirect()
 
Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addCookie, addDateHeader, addHeader, addIntHeader, containsHeader, setDateHeader, setHeader, setIntHeader, setStatus, setStatus
 
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getResponse, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale, setResponse
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface javax.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale
 

Constructor Detail

SaveContextOnUpdateOrErrorResponseWrapper

public SaveContextOnUpdateOrErrorResponseWrapper(javax.servlet.http.HttpServletResponse response,
                                                 boolean disableUrlRewriting)
Parameters:
response - the response to be wrapped
disableUrlRewriting - turns the URL encoding methods into null operations, preventing the use of URL rewriting to add the session identifier as a URL parameter.
Method Detail

saveContext

protected abstract void saveContext(SecurityContext context)
Implements the logic for storing the security context.

Parameters:
context - the SecurityContext instance to store

sendError

public final void sendError(int sc)
                     throws java.io.IOException
Makes sure the session is updated before calling the superclass sendError()

Specified by:
sendError in interface javax.servlet.http.HttpServletResponse
Overrides:
sendError in class javax.servlet.http.HttpServletResponseWrapper
Throws:
java.io.IOException

sendError

public final void sendError(int sc,
                            java.lang.String msg)
                     throws java.io.IOException
Makes sure the session is updated before calling the superclass sendError()

Specified by:
sendError in interface javax.servlet.http.HttpServletResponse
Overrides:
sendError in class javax.servlet.http.HttpServletResponseWrapper
Throws:
java.io.IOException

sendRedirect

public final void sendRedirect(java.lang.String location)
                        throws java.io.IOException
Makes sure the context is stored before calling the superclass sendRedirect()

Specified by:
sendRedirect in interface javax.servlet.http.HttpServletResponse
Overrides:
sendRedirect in class javax.servlet.http.HttpServletResponseWrapper
Throws:
java.io.IOException

encodeRedirectUrl

public final java.lang.String encodeRedirectUrl(java.lang.String url)
Specified by:
encodeRedirectUrl in interface javax.servlet.http.HttpServletResponse
Overrides:
encodeRedirectUrl in class javax.servlet.http.HttpServletResponseWrapper

encodeRedirectURL

public final java.lang.String encodeRedirectURL(java.lang.String url)
Specified by:
encodeRedirectURL in interface javax.servlet.http.HttpServletResponse
Overrides:
encodeRedirectURL in class javax.servlet.http.HttpServletResponseWrapper

encodeUrl

public final java.lang.String encodeUrl(java.lang.String url)
Specified by:
encodeUrl in interface javax.servlet.http.HttpServletResponse
Overrides:
encodeUrl in class javax.servlet.http.HttpServletResponseWrapper

encodeURL

public final java.lang.String encodeURL(java.lang.String url)
Specified by:
encodeURL in interface javax.servlet.http.HttpServletResponse
Overrides:
encodeURL in class javax.servlet.http.HttpServletResponseWrapper

isContextSaved

public final boolean isContextSaved()
Tells if the response wrapper has called saveContext() because of an error or redirect.

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD