Class SecurityContextHolderAwareRequestFilter

  • All Implemented Interfaces:
    javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

    public class SecurityContextHolderAwareRequestFilter
    extends org.springframework.web.filter.GenericFilterBean
    A Filter which populates the ServletRequest with a request wrapper which implements the servlet API security methods.

    SecurityContextHolderAwareRequestWrapper is extended to provide the following additional methods:

    • Constructor Detail

      • SecurityContextHolderAwareRequestFilter

        public SecurityContextHolderAwareRequestFilter()
    • Method Detail

      • setRolePrefix

        public void setRolePrefix​(java.lang.String rolePrefix)
      • setAuthenticationEntryPoint

        public void setAuthenticationEntryPoint​(AuthenticationEntryPoint authenticationEntryPoint)

        Sets the AuthenticationEntryPoint used when integrating HttpServletRequest with Servlet 3 APIs. Specifically, it will be used when HttpServletRequest.authenticate(HttpServletResponse) is called and the user is not authenticated.

        If the value is null (default), then the default container behavior will be be retained when invoking HttpServletRequest.authenticate(HttpServletResponse) .

        Parameters:
        authenticationEntryPoint - the AuthenticationEntryPoint to use when invoking HttpServletRequest.authenticate(HttpServletResponse) if the user is not authenticated.
      • setAuthenticationManager

        public void setAuthenticationManager​(AuthenticationManager authenticationManager)

        Sets the AuthenticationManager used when integrating HttpServletRequest with Servlet 3 APIs. Specifically, it will be used when HttpServletRequest.login(String, String) is invoked to determine if the user is authenticated.

        If the value is null (default), then the default container behavior will be retained when invoking HttpServletRequest.login(String, String).

        Parameters:
        authenticationManager - the AuthenticationManager to use when invoking HttpServletRequest.login(String, String)
      • setLogoutHandlers

        public void setLogoutHandlers​(java.util.List<LogoutHandler> logoutHandlers)

        Sets the LogoutHandlers used when integrating with HttpServletRequest with Servlet 3 APIs. Specifically it will be used when HttpServletRequest.logout() is invoked in order to log the user out. So long as the LogoutHandlers do not commit the HttpServletResponse (expected), then the user is in charge of handling the response.

        If the value is null (default), the default container behavior will be retained when invoking HttpServletRequest.logout().

        Parameters:
        logoutHandlers - the List&lt;LogoutHandler&gt;s when invoking HttpServletRequest.logout().
      • doFilter

        public void doFilter​(javax.servlet.ServletRequest req,
                             javax.servlet.ServletResponse res,
                             javax.servlet.FilterChain chain)
                      throws java.io.IOException,
                             javax.servlet.ServletException
        Throws:
        java.io.IOException
        javax.servlet.ServletException
      • afterPropertiesSet

        public void afterPropertiesSet()
                                throws javax.servlet.ServletException
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
        Overrides:
        afterPropertiesSet in class org.springframework.web.filter.GenericFilterBean
        Throws:
        javax.servlet.ServletException