org.springframework.security.ui.portlet

Class PortletProcessingInterceptor

    • Method Summary

      Methods 
      Modifier and Type Method and Description
      void afterActionCompletion(javax.portlet.ActionRequest request, javax.portlet.ActionResponse response, java.lang.Object handler, java.lang.Exception ex) 
      void afterEventCompletion(javax.portlet.EventRequest request, javax.portlet.EventResponse response, java.lang.Object handler, java.lang.Exception ex) 
      void afterPropertiesSet() 
      void afterRenderCompletion(javax.portlet.RenderRequest request, javax.portlet.RenderResponse response, java.lang.Object handler, java.lang.Exception ex) 
      void afterResourceCompletion(javax.portlet.ResourceRequest request, javax.portlet.ResourceResponse response, java.lang.Object handler, java.lang.Exception ex) 
      protected java.lang.Object getCredentialsFromRequest(javax.portlet.PortletRequest request)
      This method attempts to extract a credentials from the portlet request.
      protected java.lang.Object getPrincipalFromRequest(javax.portlet.PortletRequest request)
      This method attempts to extract a principal from the portlet request.
      protected void onPreAuthentication(javax.portlet.PortletRequest request, javax.portlet.PortletResponse response)
      Callback for custom processing prior to the authentication attempt.
      protected void onSuccessfulAuthentication(javax.portlet.PortletRequest request, javax.portlet.PortletResponse response, Authentication authResult)
      Callback for custom processing after a successful authentication attempt.
      protected void onUnsuccessfulAuthentication(javax.portlet.PortletRequest request, javax.portlet.PortletResponse response, AuthenticationException failed)
      Callback for custom processing after an unsuccessful authentication attempt.
      void postHandleRender(javax.portlet.RenderRequest request, javax.portlet.RenderResponse response, java.lang.Object handler, org.springframework.web.portlet.ModelAndView modelAndView) 
      void postHandleResource(javax.portlet.ResourceRequest request, javax.portlet.ResourceResponse response, java.lang.Object handler, org.springframework.web.portlet.ModelAndView modelAndView) 
      boolean preHandleAction(javax.portlet.ActionRequest request, javax.portlet.ActionResponse response, java.lang.Object handler) 
      boolean preHandleEvent(javax.portlet.EventRequest request, javax.portlet.EventResponse response, java.lang.Object handler) 
      boolean preHandleRender(javax.portlet.RenderRequest request, javax.portlet.RenderResponse response, java.lang.Object handler) 
      boolean preHandleResource(javax.portlet.ResourceRequest request, javax.portlet.ResourceResponse response, java.lang.Object handler) 
      void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) 
      void setAuthenticationManager(AuthenticationManager authenticationManager) 
      void setUseAuthTypeAsCredentials(boolean useAuthTypeAsCredentials)
      It true, the "authType" proerty of the PortletRequest will be used as the credentials.
      void setUserNameAttributes(java.util.List userNameAttributes) 
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • PortletProcessingInterceptor

        public PortletProcessingInterceptor()
    • Method Detail

      • afterPropertiesSet

        public void afterPropertiesSet()
                                throws java.lang.Exception
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
        Throws:
        java.lang.Exception
      • preHandleAction

        public boolean preHandleAction(javax.portlet.ActionRequest request,
                              javax.portlet.ActionResponse response,
                              java.lang.Object handler)
                                throws java.lang.Exception
        Specified by:
        preHandleAction in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • preHandleRender

        public boolean preHandleRender(javax.portlet.RenderRequest request,
                              javax.portlet.RenderResponse response,
                              java.lang.Object handler)
                                throws java.lang.Exception
        Specified by:
        preHandleRender in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • postHandleRender

        public void postHandleRender(javax.portlet.RenderRequest request,
                            javax.portlet.RenderResponse response,
                            java.lang.Object handler,
                            org.springframework.web.portlet.ModelAndView modelAndView)
                              throws java.lang.Exception
        Specified by:
        postHandleRender in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • afterActionCompletion

        public void afterActionCompletion(javax.portlet.ActionRequest request,
                                 javax.portlet.ActionResponse response,
                                 java.lang.Object handler,
                                 java.lang.Exception ex)
                                   throws java.lang.Exception
        Specified by:
        afterActionCompletion in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • afterRenderCompletion

        public void afterRenderCompletion(javax.portlet.RenderRequest request,
                                 javax.portlet.RenderResponse response,
                                 java.lang.Object handler,
                                 java.lang.Exception ex)
                                   throws java.lang.Exception
        Specified by:
        afterRenderCompletion in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • getPrincipalFromRequest

        protected java.lang.Object getPrincipalFromRequest(javax.portlet.PortletRequest request)
        This method attempts to extract a principal from the portlet request. According to the JSR 168 spec, the PortletRequest should return the name of the user in the getRemoteUser() method. It should also provide a java.security.Principal object from the getUserPrincipal() method. We will first try these to come up with a valid username.

        Unfortunately, some portals do not properly return these values for authenticated users. So, if neither of those succeeds and if the userNameAttributes property has been populated, then we will search through the USER_INFO map from the request to see if we can find a valid username.

        This method can be overridden by subclasses to provide special handling for portals with weak support for the JSR 168 spec.

        Parameters:
        request - the portlet request object
        Returns:
        the determined principal object, or null if none found
      • getCredentialsFromRequest

        protected java.lang.Object getCredentialsFromRequest(javax.portlet.PortletRequest request)
        This method attempts to extract a credentials from the portlet request. We are trusting the portal framework to authenticate the user, so all we are really doing is trying to put something intelligent in here to indicate the user is authenticated. According to the JSR 168 spec, PortletRequest.getAuthType() should return a non-null value if the user is authenticated and should be null if not authenticated. So we will use this as the credentials and the token will be trusted as authenticated if the credentials are not null.

        This method can be overridden by subclasses to provide special handling for portals with weak support for the JSR 168 spec. If that is done, be sure the value is non-null for authenticated users and null for non-authenticated users.

        Parameters:
        request - the portlet request object
        Returns:
        the determined credentials object, or null if none found
      • onPreAuthentication

        protected void onPreAuthentication(javax.portlet.PortletRequest request,
                               javax.portlet.PortletResponse response)
                                    throws AuthenticationException,
                                           java.io.IOException
        Callback for custom processing prior to the authentication attempt.
        Parameters:
        request - the portlet request to be authenticated
        response - the portlet response to be authenticated
        Throws:
        AuthenticationException - to indicate that authentication attempt is not valid and should be terminated
        java.io.IOException
      • onSuccessfulAuthentication

        protected void onSuccessfulAuthentication(javax.portlet.PortletRequest request,
                                      javax.portlet.PortletResponse response,
                                      Authentication authResult)
                                           throws java.io.IOException
        Callback for custom processing after a successful authentication attempt.
        Parameters:
        request - the portlet request that was authenticated
        response - the portlet response that was authenticated
        authResult - the resulting Authentication object
        Throws:
        java.io.IOException
      • onUnsuccessfulAuthentication

        protected void onUnsuccessfulAuthentication(javax.portlet.PortletRequest request,
                                        javax.portlet.PortletResponse response,
                                        AuthenticationException failed)
                                             throws java.io.IOException
        Callback for custom processing after an unsuccessful authentication attempt.
        Parameters:
        request - the portlet request that failed authentication
        response - the portlet response that failed authentication
        failed - the AuthenticationException that occurred
        Throws:
        java.io.IOException
      • setAuthenticationManager

        public void setAuthenticationManager(AuthenticationManager authenticationManager)
      • setUserNameAttributes

        public void setUserNameAttributes(java.util.List userNameAttributes)
      • setAuthenticationDetailsSource

        public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)
      • setUseAuthTypeAsCredentials

        public void setUseAuthTypeAsCredentials(boolean useAuthTypeAsCredentials)
        It true, the "authType" proerty of the PortletRequest will be used as the credentials. Defaults to false.
        Parameters:
        useAuthTypeAsCredentials -
      • afterEventCompletion

        public void afterEventCompletion(javax.portlet.EventRequest request,
                                javax.portlet.EventResponse response,
                                java.lang.Object handler,
                                java.lang.Exception ex)
                                  throws java.lang.Exception
        Specified by:
        afterEventCompletion in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • preHandleEvent

        public boolean preHandleEvent(javax.portlet.EventRequest request,
                             javax.portlet.EventResponse response,
                             java.lang.Object handler)
                               throws java.lang.Exception
        Specified by:
        preHandleEvent in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • afterResourceCompletion

        public void afterResourceCompletion(javax.portlet.ResourceRequest request,
                                   javax.portlet.ResourceResponse response,
                                   java.lang.Object handler,
                                   java.lang.Exception ex)
                                     throws java.lang.Exception
        Specified by:
        afterResourceCompletion in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • postHandleResource

        public void postHandleResource(javax.portlet.ResourceRequest request,
                              javax.portlet.ResourceResponse response,
                              java.lang.Object handler,
                              org.springframework.web.portlet.ModelAndView modelAndView)
                                throws java.lang.Exception
        Specified by:
        postHandleResource in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception
      • preHandleResource

        public boolean preHandleResource(javax.portlet.ResourceRequest request,
                                javax.portlet.ResourceResponse response,
                                java.lang.Object handler)
                                  throws java.lang.Exception
        Specified by:
        preHandleResource in interface org.springframework.web.portlet.HandlerInterceptor
        Throws:
        java.lang.Exception