org.springframework.security.web.access
Class ExceptionTranslationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.access.ExceptionTranslationFilter
- All Implemented Interfaces:
- javax.servlet.Filter, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.web.context.ServletContextAware
public class ExceptionTranslationFilter
- extends org.springframework.web.filter.GenericFilterBean
Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
This filter is necessary because it provides the bridge between Java exceptions and HTTP responses.
It is solely concerned with maintaining the user interface. This filter does not do any actual security enforcement.
If an AuthenticationException is detected, the filter will launch the authenticationEntryPoint. This allows common handling of authentication failures originating from any subclass of AbstractSecurityInterceptor.
If an AccessDeniedException is detected, the filter will determine whether or not the user is an anonymous user. If they are an anonymous user, the authenticationEntryPoint will be launched. If they are not an anonymous user, the filter will delegate to the AccessDeniedHandler. By default the filter will use AccessDeniedHandlerImpl.
To use this filter, it is necessary to specify the following properties:
- authenticationEntryPoint indicates the handler that should commence the authentication process if an AuthenticationException is detected. Note that this may also switch the current protocol from http to https for an SSL login.
- requestCache determines the strategy used to save a request during the authentication process in order that it may be retrieved and reused once the user has authenticated. The default implementation is HttpSessionRequestCache.
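The two branches described above, wired through the setters documented on this page. This is an added example, not code from the Spring Security project: the class names ApiExceptionTranslation, UnauthorizedEntryPoint and ForbiddenHandler are hypothetical, and the Basic realm and fixed response messages are assumptions for an API-style application.

```java
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.access.ExceptionTranslationFilter;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;

// Hypothetical helper; only the ExceptionTranslationFilter setters come from this page.
public class ApiExceptionTranslation {

    // Launched for an AuthenticationException, or for an AccessDeniedException
    // raised while the current user is anonymous.
    static class UnauthorizedEntryPoint implements AuthenticationEntryPoint {
        public void commence(HttpServletRequest request, HttpServletResponse response,
                AuthenticationException authException) throws IOException {
            // Assumption: the application accepts HTTP Basic credentials.
            response.setHeader("WWW-Authenticate", "Basic realm=\"api\"");
            // Fixed message: authException.getMessage() is not echoed to the client.
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication required");
        }
    }

    // Reached only when an authenticated (non-anonymous) user is denied access.
    static class ForbiddenHandler implements AccessDeniedHandler {
        public void handle(HttpServletRequest request, HttpServletResponse response,
                AccessDeniedException accessDeniedException) throws IOException {
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied");
            }
        }
    }

    public static ExceptionTranslationFilter build() {
        ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
        filter.setAuthenticationEntryPoint(new UnauthorizedEntryPoint());
        filter.setAccessDeniedHandler(new ForbiddenHandler());
        // Same strategy as the documented default, set explicitly for visibility.
        filter.setRequestCache(new HttpSessionRequestCache());
        // Validates the required properties when the filter is not a Spring-managed bean.
        filter.afterPropertiesSet();
        return filter;
    }
}
```

Because the filter only translates exceptions and enforces nothing itself, it has to sit earlier in the filter chain than the security interceptor whose exceptions it is meant to catch.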
Fields inherited from class org.springframework.web.filter.GenericFilterBean:
logger
Methods inherited from class org.springframework.web.filter.GenericFilterBean:
addRequiredProperty, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setServletContext
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
ExceptionTranslationFilter
public ExceptionTranslationFilter()
afterPropertiesSet
public void afterPropertiesSet()
- Specified by: afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
- Overrides: afterPropertiesSet in class org.springframework.web.filter.GenericFilterBean
doFilter
public void doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain)
throws java.io.IOException,
javax.servlet.ServletException
- Throws:
java.io.IOException
javax.servlet.ServletException
getAuthenticationEntryPoint
public AuthenticationEntryPoint getAuthenticationEntryPoint()
getAuthenticationTrustResolver
protected AuthenticationTrustResolver getAuthenticationTrustResolver()
sendStartAuthentication
protected void sendStartAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain,
AuthenticationException reason)
throws javax.servlet.ServletException,
java.io.IOException
- Throws:
javax.servlet.ServletException
java.io.IOException
setAccessDeniedHandler
public void setAccessDeniedHandler(AccessDeniedHandler accessDeniedHandler)
setAuthenticationEntryPoint
public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint)
setAuthenticationTrustResolver
public void setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver)
setThrowableAnalyzer
public void setThrowableAnalyzer(ThrowableAnalyzer throwableAnalyzer)
setRequestCache
public void setRequestCache(RequestCache requestCache)
- The RequestCache implementation used to store the current request before starting authentication. Defaults to an HttpSessionRequestCache.