org.springframework.security.extensions.kerberos.web
Class SpnegoAuthenticationProcessingFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter
- All Implemented Interfaces:
- javax.servlet.Filter, BeanNameAware, DisposableBean, InitializingBean, ServletContextAware
public class SpnegoAuthenticationProcessingFilter
- extends GenericFilterBean
Parses the SPNEGO authentication Header, which was generated by the browser
and creates a KerberosServiceRequestToken
out if it. It will then call the
AuthenticationManager
.
A typical Spring Security configuration might look like this:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<sec:http entry-point-ref="spnegoEntryPoint">
<sec:intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_FULLY" />
<sec:custom-filter ref="spnegoAuthenticationProcessingFilter" position="BASIC_PROCESSING_FILTER" />
</sec:http>
<bean id="spnegoEntryPoint" class="org.springframework.security.extensions.kerberos.web.SpnegoEntryPoint" />
<bean id="spnegoAuthenticationProcessingFilter"
class="org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="kerberosServiceAuthenticationProvider" />
</sec:authentication-manager>
<bean id="kerberosServiceAuthenticationProvider"
class="org.springframework.security.extensions.kerberos.KerberosServiceAuthenticationProvider">
<property name="ticketValidator">
<bean class="org.springframework.security.extensions.kerberos.SunJaasKerberosTicketValidator">
<property name="servicePrincipal" value="HTTP/web.springsource.com" />
<property name="keyTabLocation" value="classpath:http-java.keytab" />
</bean>
</property>
<property name="userDetailsService" ref="inMemoryUserDetailsService" />
</bean>
<bean id="inMemoryUserDetailsService"
class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">
<property name="userProperties">
<value>
[email protected]=notUsed,ROLE_ADMIN
</value>
</property>
</bean>
</beans>
- Since:
- 1.0
- Version:
- $Id: SpnegoAuthenticationProcessingFilter.java 35 2009-09-03 18:15:03Z mwiesner $
- Author:
- Mike Wiesner
- See Also:
KerberosServiceAuthenticationProvider
,
SpnegoEntryPoint
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SpnegoAuthenticationProcessingFilter
public SpnegoAuthenticationProcessingFilter()
doFilter
public void doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
- Throws:
IOException
javax.servlet.ServletException
setAuthenticationManager
public void setAuthenticationManager(AuthenticationManager authenticationManager)
- The authentication manager for validating the ticket.
- Parameters:
authenticationManager
-
afterPropertiesSet
public void afterPropertiesSet()
throws javax.servlet.ServletException
- Specified by:
afterPropertiesSet
in interface InitializingBean
- Overrides:
afterPropertiesSet
in class GenericFilterBean
- Throws:
javax.servlet.ServletException
Copyright © 2009 SpringSource, Inc. All Rights Reserved.