public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter
The OpenID authentication involves two stages.
OpenIDAuthenticationProvider
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEFAULT_CLAIMED_IDENTITY_FIELD |
authenticationDetailsSource, eventPublisher, messages
Constructor and Description |
---|
OpenIDAuthenticationFilter() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
Authentication |
attemptAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authentication has two phases.
|
protected java.lang.String |
buildReturnToUrl(javax.servlet.http.HttpServletRequest request)
Builds the return_to URL that will be sent to the OpenID service provider.
|
protected java.lang.String |
lookupRealm(java.lang.String returnToUrl) |
protected java.lang.String |
obtainUsername(javax.servlet.http.HttpServletRequest req)
Reads the claimedIdentityFieldName from the submitted request.
|
void |
setClaimedIdentityFieldName(java.lang.String claimedIdentityFieldName)
The name of the request parameter containing the OpenID identity, as submitted from
the initial login form.
|
void |
setConsumer(OpenIDConsumer consumer) |
void |
setRealmMapping(java.util.Map<java.lang.String,java.lang.String> realmMapping)
Maps the return_to url to a realm, for example:
|
void |
setReturnToUrlParameters(java.util.Set<java.lang.String> returnToUrlParameters)
Specifies any extra parameters submitted along with the identity field which should
be appended to the
return_to URL which is assembled by
buildReturnToUrl(javax.servlet.http.HttpServletRequest) . |
doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication
public static final java.lang.String DEFAULT_CLAIMED_IDENTITY_FIELD
public void afterPropertiesSet()
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
afterPropertiesSet
in class AbstractAuthenticationProcessingFilter
public Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException, java.io.IOException
attemptAuthentication
in class AbstractAuthenticationProcessingFilter
request
- from which to extract parameters and perform the authenticationresponse
- the response, which may be needed if the implementation has to do a
redirect as part of a multi-stage authentication process (such as OpenID).AuthenticationException
- if authentication fails.java.io.IOException
protected java.lang.String lookupRealm(java.lang.String returnToUrl)
protected java.lang.String buildReturnToUrl(javax.servlet.http.HttpServletRequest request)
request
- the current request which is being processed by this filterprotected java.lang.String obtainUsername(javax.servlet.http.HttpServletRequest req)
public void setRealmMapping(java.util.Map<java.lang.String,java.lang.String> realmMapping)
https://www.example.com/login/openid -> https://www.example.com/realmIf no mapping is provided then the returnToUrl will be parsed to extract the protocol, hostname and port followed by a trailing slash. This means that https://foo.example.com/login/openid will automatically become http://foo.example.com:80/
realmMapping
- containing returnToUrl -> realm mappingspublic void setClaimedIdentityFieldName(java.lang.String claimedIdentityFieldName)
claimedIdentityFieldName
- defaults to "openid_identifier"public void setConsumer(OpenIDConsumer consumer)
public void setReturnToUrlParameters(java.util.Set<java.lang.String> returnToUrlParameters)
return_to
URL which is assembled by
buildReturnToUrl(javax.servlet.http.HttpServletRequest)
.returnToUrlParameters
- the set of parameter names. If not set, it will
default to the parameter name used by the RememberMeServices
obtained from
the parent class (if one is set).