LoginUrlAuthenticationEntryPoint (Spring Security 3.1.7.RELEASE API)

java.lang.Object
- org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint

All Implemented Interfaces:

InitializingBean, AuthenticationEntryPoint
```
public class LoginUrlAuthenticationEntryPoint
extends Object
implements AuthenticationEntryPoint, InitializingBean
```
Used by the ExceptionTranslationFilter to commence a form login authentication via the UsernamePasswordAuthenticationFilter.
Holds the location of the login form in the loginFormUrl property, and uses that to build a redirect URL to the login page. Alternatively, an absolute URL can be set in this property and that will be used exclusively.
When using a relative URL, you can set the forceHttps property to true, to force the protocol used for the login form to be HTTPS, even if the original intercepted request for a resource used the HTTP protocol. When this happens, after a successful login (via HTTPS), the original resource will still be accessed as HTTP, via the original request URL. For the forced HTTPS feature to work, the PortMapper is consulted to determine the HTTP:HTTPS pairs. The value of forceHttps will have no effect if an absolute URL is used.

Since:

3.0

Constructor Summary

Constructors
Constructor and Description

LoginUrlAuthenticationEntryPoint()
Deprecated.
Use constructor injection

LoginUrlAuthenticationEntryPoint(String loginFormUrl)

Constructors
Constructor and Description
`LoginUrlAuthenticationEntryPoint()` Deprecated. Use constructor injection
`LoginUrlAuthenticationEntryPoint(String loginFormUrl)`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`afterPropertiesSet()`
`protected String`	`buildHttpsRedirectUrlForRequest(javax.servlet.http.HttpServletRequest request)` Builds a URL to redirect the supplied request to HTTPS.
`protected String`	`buildRedirectUrlToLoginPage(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException authException)`
`void`	`commence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException authException)` Performs the redirect (or forward) to the login form URL.
`protected String`	`determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException exception)` Allows subclasses to modify the login form URL that should be applicable for a given request.
`String`	`getLoginFormUrl()`
`protected PortMapper`	`getPortMapper()`
`protected PortResolver`	`getPortResolver()`
`protected boolean`	`isForceHttps()`
`protected boolean`	`isUseForward()`
`void`	`setForceHttps(boolean forceHttps)` Set to true to force login form access to be via https.
`void`	`setLoginFormUrl(String loginFormUrl)` Deprecated. use constructor injection
`void`	`setPortMapper(PortMapper portMapper)`
`void`	`setPortResolver(PortResolver portResolver)`
`void`	`setUseForward(boolean useForward)` Tells if we are to do a forward to the `loginFormUrl` using the `RequestDispatcher`, instead of a 302 redirect.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - LoginUrlAuthenticationEntryPoint
```
@Deprecated
public LoginUrlAuthenticationEntryPoint()
```
    Deprecated. Use constructor injection
  - LoginUrlAuthenticationEntryPoint
```
public LoginUrlAuthenticationEntryPoint(String loginFormUrl)
```
    Parameters:
    loginFormUrl - URL where the login page can be found. Should either be relative to the web-app context path (include a leading /) or an absolute URL.
- Method Detail
  - afterPropertiesSet
```
public void afterPropertiesSet()
                        throws Exception
```
    Specified by:
    
    afterPropertiesSet in interface InitializingBean
    
    Throws:
    
    Exception
  - determineUrlToUseForThisRequest
```
protected String determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request,
                                     javax.servlet.http.HttpServletResponse response,
                                     AuthenticationException exception)
```
    Allows subclasses to modify the login form URL that should be applicable for a given request.
    
    Parameters:
    request - the request
    response - the response
    exception - the exception
    
    Returns:
    the URL (cannot be null or empty; defaults to getLoginFormUrl())
  - commence
```
public void commence(javax.servlet.http.HttpServletRequest request,
            javax.servlet.http.HttpServletResponse response,
            AuthenticationException authException)
              throws IOException,
                     javax.servlet.ServletException
```
    Performs the redirect (or forward) to the login form URL.
    
    Specified by:
    
    commence in interface AuthenticationEntryPoint
    
    Parameters:
    request - that resulted in an AuthenticationException
    response - so that the user agent can begin authentication
    authException - that caused the invocation
    
    Throws:
    
    IOException
    
    javax.servlet.ServletException
  - buildRedirectUrlToLoginPage
```
protected String buildRedirectUrlToLoginPage(javax.servlet.http.HttpServletRequest request,
                                 javax.servlet.http.HttpServletResponse response,
                                 AuthenticationException authException)
```
  - buildHttpsRedirectUrlForRequest
```
protected String buildHttpsRedirectUrlForRequest(javax.servlet.http.HttpServletRequest request)
                                          throws IOException,
                                                 javax.servlet.ServletException
```
    Builds a URL to redirect the supplied request to HTTPS. Used to redirect the current request to HTTPS, before doing a forward to the login page.
    
    Throws:
    
    IOException
    
    javax.servlet.ServletException
  - setForceHttps
```
public void setForceHttps(boolean forceHttps)
```
    Set to true to force login form access to be via https. If this value is true (the default is false), and the incoming request for the protected resource which triggered the interceptor was not already https, then the client will first be redirected to an https URL, even if serverSideRedirect is set to true.
  - isForceHttps
```
protected boolean isForceHttps()
```
  - setLoginFormUrl
```
@Deprecated
public void setLoginFormUrl(String loginFormUrl)
```
    Deprecated. use constructor injection
    
    The URL where the UsernamePasswordAuthenticationFilter login page can be found. Should either be relative to the web-app context path (include a leading /) or an absolute URL.
  - getLoginFormUrl
```
public String getLoginFormUrl()
```
  - setPortMapper
```
public void setPortMapper(PortMapper portMapper)
```
  - getPortMapper
```
protected PortMapper getPortMapper()
```
  - setPortResolver
```
public void setPortResolver(PortResolver portResolver)
```
  - getPortResolver
```
protected PortResolver getPortResolver()
```
  - setUseForward
```
public void setUseForward(boolean useForward)
```
    Tells if we are to do a forward to the loginFormUrl using the RequestDispatcher, instead of a 302 redirect.
    
    Parameters:
    useForward - true if a forward to the login page should be used. Must be false (the default) if loginFormUrl is set to an absolute value.
  - isUseForward
```
protected boolean isUseForward()
```

Class LoginUrlAuthenticationEntryPoint

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

LoginUrlAuthenticationEntryPoint

LoginUrlAuthenticationEntryPoint

Method Detail

afterPropertiesSet

determineUrlToUseForThisRequest

commence

buildRedirectUrlToLoginPage

buildHttpsRedirectUrlForRequest

setForceHttps

isForceHttps

setLoginFormUrl

getLoginFormUrl

setPortMapper

getPortMapper

setPortResolver

getPortResolver

setUseForward

isUseForward