org.acegisecurity.providers.anonymous
Class AnonymousProcessingFilter

java.lang.Object
  extended by org.acegisecurity.providers.anonymous.AnonymousProcessingFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.InitializingBean

public class AnonymousProcessingFilter
extends java.lang.Object
implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean

Detects if there is no Authentication object in the SecurityContextHolder, and populates it with one if needed.

Do not use this class directly. Instead configure web.xml to use the FilterToBeanProxy.

Version:
$Id: AnonymousProcessingFilter.java 1496 2006-05-23 13:38:33Z benalex $
Author:
Ben Alex

Constructor Summary
AnonymousProcessingFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
protected  boolean applyAnonymousForThisRequest(javax.servlet.ServletRequest request)
          Enables subclasses to determine whether or not an anonymous authentication token should be setup for this request.
protected  Authentication createAuthentication(javax.servlet.ServletRequest request)
           
 void destroy()
          Does nothing - we reply on IoC lifecycle services instead.
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
           
 java.lang.String getKey()
           
 UserAttribute getUserAttribute()
           
 void init(javax.servlet.FilterConfig ignored)
          Does nothing - we reply on IoC lifecycle services instead.
 boolean isRemoveAfterRequest()
           
 void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)
           
 void setKey(java.lang.String key)
           
 void setRemoveAfterRequest(boolean removeAfterRequest)
          Controls whether the filter will remove the Anonymous token after the request is complete.
 void setUserAttribute(UserAttribute userAttributeDefinition)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AnonymousProcessingFilter

public AnonymousProcessingFilter()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws java.lang.Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
java.lang.Exception

applyAnonymousForThisRequest

protected boolean applyAnonymousForThisRequest(javax.servlet.ServletRequest request)
Enables subclasses to determine whether or not an anonymous authentication token should be setup for this request. This is useful if anonymous authentication should be allowed only for specific IP subnet ranges etc.

Parameters:
request - to assist the method determine request details
Returns:
true if the anonymous token should be setup for this request (provided that the request doesn't already have some other Authentication inside it), or false if no anonymous token should be setup for this request

createAuthentication

protected Authentication createAuthentication(javax.servlet.ServletRequest request)

destroy

public void destroy()
Does nothing - we reply on IoC lifecycle services instead.

Specified by:
destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
Specified by:
doFilter in interface javax.servlet.Filter
Throws:
java.io.IOException
javax.servlet.ServletException

getKey

public java.lang.String getKey()

getUserAttribute

public UserAttribute getUserAttribute()

init

public void init(javax.servlet.FilterConfig ignored)
          throws javax.servlet.ServletException
Does nothing - we reply on IoC lifecycle services instead.

Specified by:
init in interface javax.servlet.Filter
Parameters:
ignored - not used
Throws:
javax.servlet.ServletException - DOCUMENT ME!

isRemoveAfterRequest

public boolean isRemoveAfterRequest()

setAuthenticationDetailsSource

public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)

setKey

public void setKey(java.lang.String key)

setRemoveAfterRequest

public void setRemoveAfterRequest(boolean removeAfterRequest)
Controls whether the filter will remove the Anonymous token after the request is complete. Generally this is desired to avoid the expense of a session being created by HttpSessionContextIntegrationFilter simply to store the Anonymous authentication token.

Defaults to true, being the most optimal and appropriate option (ie AnonymousProcessingFilter will clear the token at the end of each request, thus avoiding the session creation overhead in a typical configuration.

Parameters:
removeAfterRequest - DOCUMENT ME!

setUserAttribute

public void setUserAttribute(UserAttribute userAttributeDefinition)


Copyright © 2004-2012 Interface21, Inc. All Rights Reserved.