public class JaasApiIntegrationFilter extends GenericFilterBean
A Filter which attempts to obtain a JAAS Subject and continue the FilterChain running as that Subject.
By using this Filter in conjunction with Spring's JaasAuthenticationProvider both Spring's SecurityContext and a JAAS Subject can be populated simultaneously. This is useful when integrating with code that requires a JAAS Subject to be populated.
logger
Constructor and Description |
---|
JaasApiIntegrationFilter() |
Modifier and Type | Method and Description |
---|---|
void | doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) Attempts to obtain and run as a JAAS Subject using obtainSubject(ServletRequest). |
protected Subject | obtainSubject(javax.servlet.ServletRequest request) Obtains the Subject to run as or null if no Subject is available. |
void | setCreateEmptySubject(boolean createEmptySubject) Sets createEmptySubject. |
addRequiredProperty, afterPropertiesSet, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
public final void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws javax.servlet.ServletException, IOException
Attempts to obtain and run as a JAAS Subject using obtainSubject(ServletRequest).
If the Subject is null and createEmptySubject is true, an empty, writeable Subject is used. This allows for the Subject to be populated at the time of login. If the Subject is null, the FilterChain continues with no additional processing. If the Subject is not null, the FilterChain is run with Subject.doAs(Subject, PrivilegedExceptionAction) in conjunction with the Subject obtained.
javax.servlet.ServletException
IOException
protected Subject obtainSubject(javax.servlet.ServletRequest request)
Obtains the Subject to run as or null if no Subject is available.
The default implementation attempts to obtain the Subject from the SecurityContext's Authentication. If it is of type JaasAuthenticationToken and is authenticated, the Subject is returned from it. Otherwise, null is returned.
request - the current ServletRequest
null if no Subject is available.
public final void setCreateEmptySubject(boolean createEmptySubject)
Sets createEmptySubject. If the value is true, and obtainSubject(ServletRequest) returns null, an empty, writeable Subject is created instead. Otherwise no Subject is used. The default is false.
createEmptySubject - the new value
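The doFilter flow and the effect of createEmptySubject described above, as an added JDK-only example (not Spring Security's source code). The class JaasSubjectFlowDemo and its runChain and downstream methods are hypothetical stand-ins for the filter and the rest of the FilterChain, the principal is constructed sample data, and Java 8 to 17 is assumed, where Subject.getSubject(AccessController.getContext()) returns the Subject bound by Subject.doAs.

```java
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

// Added illustration, not Spring Security source: a JDK-only model of the
// documented doFilter decisions. Assumes Java 8-17.
public class JaasSubjectFlowDemo {

    // Stand-in for the rest of the FilterChain: code that expects a JAAS Subject.
    static String downstream() {
        Subject s = Subject.getSubject(AccessController.getContext());
        if (s == null) {
            return "no Subject bound";
        }
        // A non-null Subject is not proof of authentication: check its principals.
        return "Subject bound, principals=" + s.getPrincipals().size()
                + ", readOnly=" + s.isReadOnly();
    }

    // obtained: what obtainSubject(request) returned, or null if none is available.
    static String runChain(Subject obtained, boolean createEmptySubject) throws Exception {
        Subject subject = obtained;
        if (subject == null && createEmptySubject) {
            subject = new Subject(); // empty and writeable, so a login can populate it
        }
        if (subject == null) {
            return downstream(); // chain continues with no additional processing
        }
        try {
            return Subject.doAs(subject,
                    (PrivilegedExceptionAction<String>) JaasSubjectFlowDemo::downstream);
        } catch (PrivilegedActionException e) {
            throw e.getException(); // unwrap so the caller sees the chain's own exception
        }
    }

    public static void main(String[] args) throws Exception {
        Subject alice = new Subject();
        alice.getPrincipals().add(new X500Principal("CN=alice")); // constructed sample
        System.out.println("authenticated JAAS token : " + runChain(alice, false));
        System.out.println("no Subject, default      : " + runChain(null, false));
        System.out.println("no Subject, create empty : " + runChain(null, true));
    }
}
```

With createEmptySubject set to true, downstream code sees a non-null Subject that carries no principals, so authorization checks in that code should test for the expected principal rather than for the presence of a Subject.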