LoginUrlAuthenticationEntryPoint (Spring Security 4.2.7.RELEASE API)

java.lang.Object
- org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint

All Implemented Interfaces:

org.springframework.beans.factory.InitializingBean, AuthenticationEntryPoint
```
public class LoginUrlAuthenticationEntryPoint
extends java.lang.Object
implements AuthenticationEntryPoint, org.springframework.beans.factory.InitializingBean
```
Used by the ExceptionTranslationFilter to commence a form login authentication via the UsernamePasswordAuthenticationFilter.
Holds the location of the login form in the loginFormUrl property, and uses that to build a redirect URL to the login page. Alternatively, an absolute URL can be set in this property and that will be used exclusively.
When using a relative URL, you can set the forceHttps property to true, to force the protocol used for the login form to be HTTPS, even if the original intercepted request for a resource used the HTTP protocol. When this happens, after a successful login (via HTTPS), the original resource will still be accessed as HTTP, via the original request URL. For the forced HTTPS feature to work, the PortMapper is consulted to determine the HTTP:HTTPS pairs. The value of forceHttps will have no effect if an absolute URL is used.

Since:

3.0

Constructor Summary

Constructors
Constructor and Description

LoginUrlAuthenticationEntryPoint(java.lang.String loginFormUrl)

Constructors
Constructor and Description
`LoginUrlAuthenticationEntryPoint(java.lang.String loginFormUrl)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`afterPropertiesSet()`
`protected java.lang.String`	`buildHttpsRedirectUrlForRequest(javax.servlet.http.HttpServletRequest request)` Builds a URL to redirect the supplied request to HTTPS.
`protected java.lang.String`	`buildRedirectUrlToLoginPage(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException authException)`
`void`	`commence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException authException)` Performs the redirect (or forward) to the login form URL.
`protected java.lang.String`	`determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException exception)` Allows subclasses to modify the login form URL that should be applicable for a given request.
`java.lang.String`	`getLoginFormUrl()`
`protected PortMapper`	`getPortMapper()`
`protected PortResolver`	`getPortResolver()`
`protected boolean`	`isForceHttps()`
`protected boolean`	`isUseForward()`
`void`	`setForceHttps(boolean forceHttps)` Set to true to force login form access to be via https.
`void`	`setPortMapper(PortMapper portMapper)`
`void`	`setPortResolver(PortResolver portResolver)`
`void`	`setUseForward(boolean useForward)` Tells if we are to do a forward to the `loginFormUrl` using the `RequestDispatcher`, instead of a 302 redirect.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - LoginUrlAuthenticationEntryPoint
```
public LoginUrlAuthenticationEntryPoint(java.lang.String loginFormUrl)
```
    Parameters:
    
    loginFormUrl - URL where the login page can be found. Should either be relative to the web-app context path (include a leading /) or an absolute URL.
- Method Detail
  - afterPropertiesSet
```
public void afterPropertiesSet()
                        throws java.lang.Exception
```
    Specified by:
    
    afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
    
    Throws:
    
    java.lang.Exception
  - determineUrlToUseForThisRequest
```
protected java.lang.String determineUrlToUseForThisRequest(javax.servlet.http.HttpServletRequest request,
                                                           javax.servlet.http.HttpServletResponse response,
                                                           AuthenticationException exception)
```
    Allows subclasses to modify the login form URL that should be applicable for a given request.
    
    Parameters:
    
    request - the request
    
    response - the response
    
    exception - the exception
    
    Returns:
    
    the URL (cannot be null or empty; defaults to getLoginFormUrl())
  - commence
```
public void commence(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response,
                     AuthenticationException authException)
              throws java.io.IOException,
                     javax.servlet.ServletException
```
    Performs the redirect (or forward) to the login form URL.
    
    Specified by:
    
    commence in interface AuthenticationEntryPoint
    
    Parameters:
    
    request - that resulted in an AuthenticationException
    
    response - so that the user agent can begin authentication
    
    authException - that caused the invocation
    
    Throws:
    
    java.io.IOException
    
    javax.servlet.ServletException
  - buildRedirectUrlToLoginPage
```
protected java.lang.String buildRedirectUrlToLoginPage(javax.servlet.http.HttpServletRequest request,
                                                       javax.servlet.http.HttpServletResponse response,
                                                       AuthenticationException authException)
```
  - buildHttpsRedirectUrlForRequest
```
protected java.lang.String buildHttpsRedirectUrlForRequest(javax.servlet.http.HttpServletRequest request)
                                                    throws java.io.IOException,
                                                           javax.servlet.ServletException
```
    Builds a URL to redirect the supplied request to HTTPS. Used to redirect the current request to HTTPS, before doing a forward to the login page.
    
    Throws:
    
    java.io.IOException
    
    javax.servlet.ServletException
  - setForceHttps
```
public void setForceHttps(boolean forceHttps)
```
    Set to true to force login form access to be via https. If this value is true (the default is false), and the incoming request for the protected resource which triggered the interceptor was not already https, then the client will first be redirected to an https URL, even if serverSideRedirect is set to true.
  - isForceHttps
```
protected boolean isForceHttps()
```
  - getLoginFormUrl
```
public java.lang.String getLoginFormUrl()
```
  - setPortMapper
```
public void setPortMapper(PortMapper portMapper)
```
  - getPortMapper
```
protected PortMapper getPortMapper()
```
  - setPortResolver
```
public void setPortResolver(PortResolver portResolver)
```
  - getPortResolver
```
protected PortResolver getPortResolver()
```
  - setUseForward
```
public void setUseForward(boolean useForward)
```
    Tells if we are to do a forward to the loginFormUrl using the RequestDispatcher, instead of a 302 redirect.
    
    Parameters:
    
    useForward - true if a forward to the login page should be used. Must be false (the default) if loginFormUrl is set to an absolute value.
  - isUseForward
```
protected boolean isUseForward()
```

Class LoginUrlAuthenticationEntryPoint

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

LoginUrlAuthenticationEntryPoint

Method Detail

afterPropertiesSet

determineUrlToUseForThisRequest

commence

buildRedirectUrlToLoginPage

buildHttpsRedirectUrlForRequest

setForceHttps

isForceHttps

getLoginFormUrl

setPortMapper

getPortMapper

setPortResolver

getPortResolver

setUseForward

isUseForward