|
Spring Security Framework | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.ui.SpringSecurityFilter org.springframework.security.ui.AbstractProcessingFilter org.springframework.security.ui.cas.CasProcessingFilter
public class CasProcessingFilter
Processes a CAS service ticket.
A service ticket consists of an opaque ticket string. It arrives at this
filter by the user's browser successfully authenticating using CAS, and then receiving a HTTP redirect to a
service
. The opaque ticket string is presented in the ticket
request parameter. This
filter monitors the service
URL so it can receive the service ticket and process it. The CAS server
knows which service
URL to use via the ServiceProperties.getService()
method.
Processing the service ticket involves creating a UsernamePasswordAuthenticationToken
which
uses CAS_STATEFUL_IDENTIFIER
for the principal
and the opaque ticket string as the
credentials
.
The configured AuthenticationManager
is expected to provide a provider that can recognise
UsernamePasswordAuthenticationToken
s containing this special principal
name, and process
them accordingly by validation with the CAS server.
By configuring a shared ProxyGrantingTicketStorage
between the TicketValidator
and the CasProcessingFilter
one can have the CasProcessingFilter handle the proxying requirements for CAS. In addition, the URI endpoint for the proxying
would also need to be configured (i.e. the part after protocol, hostname, and port).
Do not use this class directly. Instead configure web.xml
to use the FilterToBeanProxy
.
Field Summary | |
---|---|
static String |
CAS_STATEFUL_IDENTIFIER
Used to identify a CAS request for a stateful user agent, such as a web browser. |
static String |
CAS_STATELESS_IDENTIFIER
Used to identify a CAS request for a stateless user agent, such as a remoting protocol client (eg Hessian, Burlap, SOAP etc). |
Fields inherited from class org.springframework.security.ui.AbstractProcessingFilter |
---|
authenticationDetailsSource, eventPublisher, messages, SPRING_SECURITY_LAST_EXCEPTION_KEY, SPRING_SECURITY_SAVED_REQUEST_KEY |
Fields inherited from class org.springframework.security.ui.SpringSecurityFilter |
---|
logger |
Fields inherited from interface org.springframework.core.Ordered |
---|
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE |
Constructor Summary | |
---|---|
CasProcessingFilter()
|
Method Summary | |
---|---|
Authentication |
attemptAuthentication(HttpServletRequest request)
Performs actual authentication. |
String |
getDefaultFilterProcessesUrl()
This filter by default responds to /j_spring_cas_security_check . |
int |
getOrder()
|
protected boolean |
requiresAuthentication(HttpServletRequest request,
HttpServletResponse response)
Overridden to provide proxying capabilities. |
void |
setProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage proxyGrantingTicketStorage)
|
void |
setProxyReceptorUrl(String proxyReceptorUrl)
|
Methods inherited from class org.springframework.security.ui.SpringSecurityFilter |
---|
destroy, doFilter, init, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final String CAS_STATEFUL_IDENTIFIER
public static final String CAS_STATELESS_IDENTIFIER
HttpSession
will result in a new authentication attempt on every request.
Constructor Detail |
---|
public CasProcessingFilter()
Method Detail |
---|
public Authentication attemptAuthentication(HttpServletRequest request) throws AuthenticationException
AbstractProcessingFilter
attemptAuthentication
in class AbstractProcessingFilter
request
- from which to extract parameters and perform the
authentication
AuthenticationException
- if authentication failspublic String getDefaultFilterProcessesUrl()
/j_spring_cas_security_check
.
getDefaultFilterProcessesUrl
in class AbstractProcessingFilter
public int getOrder()
protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response)
requiresAuthentication
in class AbstractProcessingFilter
request
- as received from the filter chainresponse
- as received from the filter chain
true
if the filter should attempt authentication,
false
otherwisepublic final void setProxyReceptorUrl(String proxyReceptorUrl)
public final void setProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage proxyGrantingTicketStorage)
|
Spring Security Framework | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |