org.springframework.security.web.context
Class SaveContextOnUpdateOrErrorResponseWrapper

java.lang.Object
  extended by javax.servlet.ServletResponseWrapper
      extended by javax.servlet.http.HttpServletResponseWrapper
          extended by org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
All Implemented Interfaces:
HttpServletResponse, ServletResponse

public abstract class SaveContextOnUpdateOrErrorResponseWrapper
extends HttpServletResponseWrapper

Base class for response wrappers which encapsulate the logic for storing a security context and which store the with the SecurityContext when a sendError() or sendRedirect happens. See issue SEC-398.

Sub-classes should implement the saveContext(SecurityContext context) method.

Support is also provided for disabling URL rewriting

Since:
3.0
Version:
$Id: SaveContextOnUpdateOrErrorResponseWrapper.java 3652 2009-05-11 05:35:20Z ltaylor $
Author:
Luke Taylor, Marten Algesten

Field Summary
 
Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
 
Constructor Summary
SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse response, boolean disableUrlRewriting)
           
 
Method Summary
 String encodeRedirectUrl(String url)
           
 String encodeRedirectURL(String url)
           
 String encodeUrl(String url)
           
 String encodeURL(String url)
           
 boolean isContextSaved()
          Tells if the response wrapper has called saveContext() because of an error or redirect.
 void sendError(int sc)
          Makes sure the session is updated before calling the superclass sendError()
 void sendError(int sc, String msg)
          Makes sure the session is updated before calling the superclass sendError()
 void sendRedirect(String location)
          Makes sure the context is stored before calling the superclass sendRedirect()
 
Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addCookie, addDateHeader, addHeader, addIntHeader, containsHeader, setDateHeader, setHeader, setIntHeader, setStatus, setStatus
 
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getResponse, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale, setResponse
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface javax.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale
 

Constructor Detail

SaveContextOnUpdateOrErrorResponseWrapper

public SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse response,
                                                 boolean disableUrlRewriting)
Parameters:
response - the response to be wrapped
disableUrlRewriting - turns the URL encoding methods into null operations, preventing the use of URL rewriting to add the session identifier as a URL parameter.
Method Detail

sendError

public final void sendError(int sc)
                     throws IOException
Makes sure the session is updated before calling the superclass sendError()

Specified by:
sendError in interface HttpServletResponse
Overrides:
sendError in class HttpServletResponseWrapper
Throws:
IOException

sendError

public final void sendError(int sc,
                            String msg)
                     throws IOException
Makes sure the session is updated before calling the superclass sendError()

Specified by:
sendError in interface HttpServletResponse
Overrides:
sendError in class HttpServletResponseWrapper
Throws:
IOException

sendRedirect

public final void sendRedirect(String location)
                        throws IOException
Makes sure the context is stored before calling the superclass sendRedirect()

Specified by:
sendRedirect in interface HttpServletResponse
Overrides:
sendRedirect in class HttpServletResponseWrapper
Throws:
IOException

encodeRedirectUrl

public final String encodeRedirectUrl(String url)
Specified by:
encodeRedirectUrl in interface HttpServletResponse
Overrides:
encodeRedirectUrl in class HttpServletResponseWrapper

encodeRedirectURL

public final String encodeRedirectURL(String url)
Specified by:
encodeRedirectURL in interface HttpServletResponse
Overrides:
encodeRedirectURL in class HttpServletResponseWrapper

encodeUrl

public final String encodeUrl(String url)
Specified by:
encodeUrl in interface HttpServletResponse
Overrides:
encodeUrl in class HttpServletResponseWrapper

encodeURL

public final String encodeURL(String url)
Specified by:
encodeURL in interface HttpServletResponse
Overrides:
encodeURL in class HttpServletResponseWrapper

isContextSaved

public final boolean isContextSaved()
Tells if the response wrapper has called saveContext() because of an error or redirect.



Copyright © 2004-2009 SpringSource, Inc. All Rights Reserved.