Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Spring Security Framework
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.concurrent
Class ConcurrentSessionFilter

java.lang.Object
  extended by org.springframework.security.ui.SpringSecurityFilter
      extended by org.springframework.security.concurrent.ConcurrentSessionFilter
All Implemented Interfaces:
Filter, InitializingBean, Ordered
public class ConcurrentSessionFilter
extends SpringSecurityFilter
implements InitializingBean

Filter required by concurrent session handling package.

This filter performs two functions. First, it calls SessionRegistry.refreshLastRequest(String) for each request so that registered sessions always have a correct "last update" date/time. Second, it retrieves a SessionInformation from the SessionRegistry for each request and checks if the session has been marked as expired. If it has been marked as expired, the configured logout handlers will be called (as happens with LogoutFilter), typically to invalidate the session. A redirect to the expiredURL specified will be performed, and the session invalidation will cause an HttpSessionDestroyedEvent to be published via the HttpSessionEventPublisher registered in web.xml.

Version:
$Id$
Author:
Ben Alex

Field Summary
 
Fields inherited from class org.springframework.security.ui.SpringSecurityFilter
logger
 
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
 
Constructor Summary
ConcurrentSessionFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
protected  String determineExpiredUrl(HttpServletRequest request, SessionInformation info)
           
 void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
           
 int getOrder()
           
 void setExpiredUrl(String expiredUrl)
           
 void setLogoutHandlers(LogoutHandler[] handlers)
           
 void setSessionRegistry(SessionRegistry sessionRegistry)
           
 
Methods inherited from class org.springframework.security.ui.SpringSecurityFilter
destroy, doFilter, init, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ConcurrentSessionFilter

public ConcurrentSessionFilter()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

doFilterHttp

public void doFilterHttp(HttpServletRequest request,
                         HttpServletResponse response,
                         FilterChain chain)
                  throws IOException,
                         ServletException
Specified by:
doFilterHttp in class SpringSecurityFilter
Throws:
IOException
ServletException

determineExpiredUrl

protected String determineExpiredUrl(HttpServletRequest request,
                                     SessionInformation info)

setExpiredUrl

public void setExpiredUrl(String expiredUrl)

setSessionRegistry

public void setSessionRegistry(SessionRegistry sessionRegistry)

setLogoutHandlers

public void setLogoutHandlers(LogoutHandler[] handlers)

getOrder

public int getOrder()
Specified by:
getOrder in interface Ordered
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Spring Security Framework
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.