public class AuthenticationProcessingFilterEntryPoint extends Object implements AuthenticationEntryPoint, org.springframework.beans.factory.InitializingBean
Used by the SecurityEnforcementFilter
to commence
authentication via the AuthenticationProcessingFilter
. This object
holds the location of the login form, relative to the web app context path,
and is used to commence a redirect to that form.
By setting the forceHttps property to true, you may configure the
class to force the protocol used for the login form to be HTTPS
,
even if the original intercepted request for a resource used the
HTTP
protocol. When this happens, after a successful login
(via HTTPS), the original resource will still be accessed as HTTP, via the
original request URL. For the forced HTTPS feature to work, the PortMapper
is consulted to determine the HTTP:HTTPS pairs.
Constructor and Description |
---|
AuthenticationProcessingFilterEntryPoint() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
void |
commence(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
AuthenticationException authException)
Commences an authentication scheme.
|
protected String |
determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
AuthenticationException exception)
Allows subclasses to modify the login form URL that should be applicable
for a given request.
|
boolean |
getForceHttps() |
String |
getLoginFormUrl() |
PortMapper |
getPortMapper() |
PortResolver |
getPortResolver() |
boolean |
isServerSideRedirect() |
void |
setForceHttps(boolean forceHttps)
Set to true to force login form access to be via https.
|
void |
setLoginFormUrl(String loginFormUrl)
The URL where the
AuthenticationProcessingFilter login
page can be found. |
void |
setPortMapper(PortMapper portMapper) |
void |
setPortResolver(PortResolver portResolver) |
void |
setServerSideRedirect(boolean serverSideRedirect)
Tells if we are to do a server side include of the
loginFormUrl instead of a 302 redirect. |
public AuthenticationProcessingFilterEntryPoint()
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
protected String determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException exception)
request
- the requestresponse
- the responseexception
- the exceptiongetLoginFormUrl()
)public void commence(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, AuthenticationException authException) throws IOException, javax.servlet.ServletException
AuthenticationEntryPoint
SecurityEnforcementFilter
will populate the
HttpSession
attribute named
AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY
with the requested target URL before
calling this method.
Implementations should modify the headers on the ServletResponse
as necessary to
commence the authentication process.
commence
in interface AuthenticationEntryPoint
request
- that resulted in an AuthenticationException
response
- so that the user agent can begin authenticationauthException
- that caused the invocationIOException
- DOCUMENT ME!javax.servlet.ServletException
- DOCUMENT ME!public boolean getForceHttps()
public String getLoginFormUrl()
public PortMapper getPortMapper()
public PortResolver getPortResolver()
public boolean isServerSideRedirect()
public void setForceHttps(boolean forceHttps)
https
, thenforceHttps
- public void setLoginFormUrl(String loginFormUrl)
AuthenticationProcessingFilter
login
page can be found. Should be relative to the web-app context path, and
include a leading /
loginFormUrl
- public void setPortMapper(PortMapper portMapper)
public void setPortResolver(PortResolver portResolver)
public void setServerSideRedirect(boolean serverSideRedirect)
loginFormUrl
instead of a 302 redirect.serverSideRedirect
- Copyright © 2004–2019 Interface21, Inc. All rights reserved.