org.springframework.security.providers.anonymous
Class AnonymousProcessingFilter
java.lang.Object
org.springframework.security.ui.SpringSecurityFilter
org.springframework.security.providers.anonymous.AnonymousProcessingFilter
- All Implemented Interfaces:
- Filter, InitializingBean, Ordered
public class AnonymousProcessingFilter
- extends SpringSecurityFilter
- implements InitializingBean
Detects if there is no Authentication
object in the SecurityContextHolder
, and
populates it with one if needed.
- Version:
- $Id$
- Author:
- Ben Alex
AnonymousProcessingFilter
public AnonymousProcessingFilter()
afterPropertiesSet
public void afterPropertiesSet()
throws Exception
- Specified by:
afterPropertiesSet
in interface InitializingBean
- Throws:
Exception
applyAnonymousForThisRequest
protected boolean applyAnonymousForThisRequest(HttpServletRequest request)
- Enables subclasses to determine whether or not an anonymous authentication token should be setup for
this request. This is useful if anonymous authentication should be allowed only for specific IP subnet ranges
etc.
- Parameters:
request
- to assist the method determine request details
- Returns:
true
if the anonymous token should be setup for this request (provided that the request
doesn't already have some other Authentication
inside it), or false
if no
anonymous token should be setup for this request
createAuthentication
protected Authentication createAuthentication(HttpServletRequest request)
doFilterHttp
protected void doFilterHttp(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain)
throws IOException,
ServletException
- Specified by:
doFilterHttp
in class SpringSecurityFilter
- Throws:
IOException
ServletException
getOrder
public int getOrder()
- Specified by:
getOrder
in interface Ordered
getKey
public String getKey()
getUserAttribute
public UserAttribute getUserAttribute()
isRemoveAfterRequest
public boolean isRemoveAfterRequest()
setAuthenticationDetailsSource
public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)
setKey
public void setKey(String key)
setRemoveAfterRequest
public void setRemoveAfterRequest(boolean removeAfterRequest)
- Controls whether the filter will remove the Anonymous token after the request is complete. Generally
this is desired to avoid the expense of a session being created by
HttpSessionContextIntegrationFilter
simply to
store the Anonymous authentication token.Defaults to true
, being the most optimal and
appropriate option (ie AnonymousProcessingFilter
will clear the token at the end of each request,
thus avoiding the session creation overhead in a typical configuration.
- Parameters:
removeAfterRequest
- DOCUMENT ME!
setUserAttribute
public void setUserAttribute(UserAttribute userAttributeDefinition)
Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.