public class SecureChannelProcessor extends Object implements org.springframework.beans.factory.InitializingBean, ChannelProcessor
Ensures channel security is active by review of HttpServletRequest.isSecure()
responses.
The class responds to one case-sensitive keyword, getSecureKeyword()
. If this keyword is detected,
HttpServletRequest.isSecure()
is used to determine the channel security offered. If channel security
is not present, the configured ChannelEntryPoint
is called. By default the entry point is RetryWithHttpsEntryPoint
.
The default secureKeyword
is REQUIRES_SECURE_CHANNEL
.
Constructor and Description |
---|
SecureChannelProcessor() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
void |
decide(FilterInvocation invocation,
ConfigAttributeDefinition config)
Decided whether the presented
FilterInvocation provides the appropriate level of channel
security based on the requested ConfigAttributeDefinition . |
ChannelEntryPoint |
getEntryPoint() |
String |
getSecureKeyword() |
void |
setEntryPoint(ChannelEntryPoint entryPoint) |
void |
setSecureKeyword(String secureKeyword) |
boolean |
supports(ConfigAttribute attribute)
Indicates whether this
ChannelProcessor is able to process the passed
ConfigAttribute . |
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
public void decide(FilterInvocation invocation, ConfigAttributeDefinition config) throws IOException, javax.servlet.ServletException
ChannelProcessor
FilterInvocation
provides the appropriate level of channel
security based on the requested ConfigAttributeDefinition
.decide
in interface ChannelProcessor
invocation
- DOCUMENT ME!config
- DOCUMENT ME!IOException
- DOCUMENT ME!javax.servlet.ServletException
- DOCUMENT ME!public ChannelEntryPoint getEntryPoint()
public String getSecureKeyword()
public void setEntryPoint(ChannelEntryPoint entryPoint)
public void setSecureKeyword(String secureKeyword)
public boolean supports(ConfigAttribute attribute)
ChannelProcessor
ChannelProcessor
is able to process the passed
ConfigAttribute
.This allows the ChannelProcessingFilter
to check every
configuration attribute can be consumed by the configured ChannelDecisionManager
.
supports
in interface ChannelProcessor
attribute
- a configuration attribute that has been configured against the
ChannelProcessingFilter
ChannelProcessor
can support the passed configuration attributeCopyright © 2004–2019 Interface21, Inc. All rights reserved.