SaveContextOnUpdateOrErrorResponseWrapper (Spring Security 4.2.7.RELEASE API)

java.lang.Object
- javax.servlet.ServletResponseWrapper
- - javax.servlet.http.HttpServletResponseWrapper
  - - org.springframework.security.web.util.OnCommittedResponseWrapper
    - - org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper

All Implemented Interfaces:

javax.servlet.http.HttpServletResponse, javax.servlet.ServletResponse
```
public abstract class SaveContextOnUpdateOrErrorResponseWrapper
extends OnCommittedResponseWrapper
```
Base class for response wrappers which encapsulate the logic for storing a security context and which store the SecurityContext when a sendError(), sendRedirect, getOutputStream().close(), getOutputStream().flush(), getWriter().close(), or getWriter().flush() happens on the same thread that this SaveContextOnUpdateOrErrorResponseWrapper was created. See issue SEC-398 and SEC-2005.
Sub-classes should implement the saveContext(SecurityContext context) method.
Support is also provided for disabling URL rewriting

Since:

3.0

Field Summary
- Fields inherited from interface javax.servlet.http.HttpServletResponse
  SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY

Constructor Summary

Constructors
Constructor and Description
`SaveContextOnUpdateOrErrorResponseWrapper(javax.servlet.http.HttpServletResponse response, boolean disableUrlRewriting)`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`disableSaveOnResponseCommitted()` Invoke this method to disable automatic saving of the `SecurityContext` when the `HttpServletResponse` is committed.
`java.lang.String`	`encodeRedirectUrl(java.lang.String url)`
`java.lang.String`	`encodeRedirectURL(java.lang.String url)`
`java.lang.String`	`encodeUrl(java.lang.String url)`
`java.lang.String`	`encodeURL(java.lang.String url)`
`boolean`	`isContextSaved()` Tells if the response wrapper has called `saveContext()` because of this wrapper.
`protected void`	`onResponseCommitted()` Calls `saveContext()` with the current contents of the `SecurityContextHolder` as long as `()` was not invoked.
`protected abstract void`	`saveContext(SecurityContext context)` Implements the logic for storing the security context.

Methods inherited from class org.springframework.security.web.util.OnCommittedResponseWrapper
addHeader, disableOnResponseCommitted, flushBuffer, getOutputStream, getWriter, isDisableOnResponseCommitted, sendError, sendError, sendRedirect, setContentLength

Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addCookie, addDateHeader, addIntHeader, containsHeader, getHeader, getHeaderNames, getHeaders, getStatus, setDateHeader, setHeader, setIntHeader, setStatus, setStatus

Methods inherited from class javax.servlet.ServletResponseWrapper
getBufferSize, getCharacterEncoding, getContentType, getLocale, getResponse, isCommitted, isWrapperFor, isWrapperFor, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLengthLong, setContentType, setLocale, setResponse

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.servlet.ServletResponse
getBufferSize, getCharacterEncoding, getContentType, getLocale, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLengthLong, setContentType, setLocale

- Constructor Detail
  - SaveContextOnUpdateOrErrorResponseWrapper
```
public SaveContextOnUpdateOrErrorResponseWrapper(javax.servlet.http.HttpServletResponse response,
                                                 boolean disableUrlRewriting)
```
    Parameters:
    
    response - the response to be wrapped
    
    disableUrlRewriting - turns the URL encoding methods into null operations, preventing the use of URL rewriting to add the session identifier as a URL parameter.
- Method Detail
  - disableSaveOnResponseCommitted
```
public void disableSaveOnResponseCommitted()
```
    Invoke this method to disable automatic saving of the SecurityContext when the HttpServletResponse is committed. This can be useful in the event that Async Web Requests are made which may no longer contain the SecurityContext on it.
  - saveContext
```
protected abstract void saveContext(SecurityContext context)
```
    Implements the logic for storing the security context.
    
    Parameters:
    
    context - the SecurityContext instance to store
  - onResponseCommitted
```
protected void onResponseCommitted()
```
    Calls saveContext() with the current contents of the SecurityContextHolder as long as () was not invoked.
    
    Specified by:
    
    onResponseCommitted in class OnCommittedResponseWrapper
  - encodeRedirectUrl
```
public final java.lang.String encodeRedirectUrl(java.lang.String url)
```
    Specified by:
    
    encodeRedirectUrl in interface javax.servlet.http.HttpServletResponse
    
    Overrides:
    
    encodeRedirectUrl in class javax.servlet.http.HttpServletResponseWrapper
  - encodeRedirectURL
```
public final java.lang.String encodeRedirectURL(java.lang.String url)
```
    Specified by:
    
    encodeRedirectURL in interface javax.servlet.http.HttpServletResponse
    
    Overrides:
    
    encodeRedirectURL in class javax.servlet.http.HttpServletResponseWrapper
  - encodeUrl
```
public final java.lang.String encodeUrl(java.lang.String url)
```
    Specified by:
    
    encodeUrl in interface javax.servlet.http.HttpServletResponse
    
    Overrides:
    
    encodeUrl in class javax.servlet.http.HttpServletResponseWrapper
  - encodeURL
```
public final java.lang.String encodeURL(java.lang.String url)
```
    Specified by:
    
    encodeURL in interface javax.servlet.http.HttpServletResponse
    
    Overrides:
    
    encodeURL in class javax.servlet.http.HttpServletResponseWrapper
  - isContextSaved
```
public final boolean isContextSaved()
```
    Tells if the response wrapper has called saveContext() because of this wrapper.

Class SaveContextOnUpdateOrErrorResponseWrapper

Field Summary

Fields inherited from interface javax.servlet.http.HttpServletResponse

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.web.util.OnCommittedResponseWrapper

Methods inherited from class javax.servlet.http.HttpServletResponseWrapper

Methods inherited from class javax.servlet.ServletResponseWrapper

Methods inherited from class java.lang.Object

Methods inherited from interface javax.servlet.ServletResponse

Constructor Detail

SaveContextOnUpdateOrErrorResponseWrapper

Method Detail

disableSaveOnResponseCommitted

saveContext

onResponseCommitted

encodeRedirectUrl

encodeRedirectURL

encodeUrl

encodeURL

isContextSaved