|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.remoting.support.RemoteInvocation org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
public class ContextPropagatingRemoteInvocation
The actual RemoteInvocation
that is passed from the client to the server.
The principal and credentials information will be extracted from the current security context and passed to the server as part of the invocation object.
To avoid potential serialization-based attacks, this implementation interprets the values as String
s
and creates a UsernamePasswordAuthenticationToken
on the server side to hold them. If a different
token type is required you can override the createAuthenticationRequest
method.
Constructor Summary | |
---|---|
ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
Constructs the object, storing the principal and credentials extracted from the client-side security context. |
Method Summary | |
---|---|
protected Authentication |
createAuthenticationRequest(String principal,
String credentials)
Creates the server-side authentication request object. |
Object |
invoke(Object targetObject)
Invoked on the server-side. |
Methods inherited from class org.springframework.remoting.support.RemoteInvocation |
---|
addAttribute, getArguments, getAttribute, getAttributes, getMethodName, getParameterTypes, setArguments, setAttributes, setMethodName, setParameterTypes, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
---|
public ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
methodInvocation
- the method to invokeMethod Detail |
---|
public Object invoke(Object targetObject) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException
The transmitted principal and credentials will be used to create an unauthenticated Authentication
instance for processing by the AuthenticationManager
.
invoke
in class RemoteInvocation
targetObject
- the target object to apply the invocation to
NoSuchMethodException
- if the method name could not be resolved
IllegalAccessException
- if the method could not be accessed
InvocationTargetException
- if the method invocation resulted in an exceptionprotected Authentication createAuthenticationRequest(String principal, String credentials)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |