ContextPropagatingRemoteInvocation (Spring Security 4.0.4.RELEASE API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.remoting.support.RemoteInvocation
- - org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation

All Implemented Interfaces:

Serializable
```
public class ContextPropagatingRemoteInvocation
extends RemoteInvocation
```
The actual RemoteInvocation that is passed from the client to the server.
The principal and credentials information will be extracted from the current security context and passed to the server as part of the invocation object.
To avoid potential serialization-based attacks, this implementation interprets the values as Strings and creates a UsernamePasswordAuthenticationToken on the server side to hold them. If a different token type is required you can override the createAuthenticationRequest method.

See Also:

Serialized Form

Constructor Summary

Constructors
Constructor and Description
`ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)` Constructs the object, storing the principal and credentials extracted from the client-side security context.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected Authentication`	`createAuthenticationRequest(String principal, String credentials)` Creates the server-side authentication request object.
`Object`	`invoke(Object targetObject)` Invoked on the server-side.

Methods inherited from class org.springframework.remoting.support.RemoteInvocation
addAttribute, getArguments, getAttribute, getAttributes, getMethodName, getParameterTypes, setArguments, setAttributes, setMethodName, setParameterTypes, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - ContextPropagatingRemoteInvocation
```
public ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
```
    Constructs the object, storing the principal and credentials extracted from the client-side security context.
    
    Parameters:
    
    methodInvocation - the method to invoke
- Method Detail
  - invoke
```
public Object invoke(Object targetObject)
              throws NoSuchMethodException,
                     IllegalAccessException,
                     InvocationTargetException
```
    Invoked on the server-side.
    The transmitted principal and credentials will be used to create an unauthenticated Authentication instance for processing by the AuthenticationManager.
    
    Overrides:
    
    invoke in class RemoteInvocation
    
    Parameters:
    
    targetObject - the target object to apply the invocation to
    
    Returns:
    
    the invocation result
    
    Throws:
    
    NoSuchMethodException - if the method name could not be resolved
    
    IllegalAccessException - if the method could not be accessed
    
    InvocationTargetException - if the method invocation resulted in an exception
  - createAuthenticationRequest
```
protected Authentication createAuthenticationRequest(String principal,
                                                     String credentials)
```
    Creates the server-side authentication request object.

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method