public class CrowdSSOAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Constructor and Description |
---|
CrowdSSOAuthenticationProcessingFilter() |
Modifier and Type | Method and Description |
---|---|
protected void |
doSetDetails(javax.servlet.http.HttpServletRequest request,
org.springframework.security.authentication.AbstractAuthenticationToken authRequest) |
protected boolean |
requiresAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
This filter will process all requests, however, if the filterProcessesUrl
is part of the request URI, the filter will assume the request is a
username/password authentication (login) request and will not check
for Crowd SSO authentication.
|
protected void |
setDetails(javax.servlet.http.HttpServletRequest request,
org.springframework.security.authentication.UsernamePasswordAuthenticationToken authRequest)
Provided so that subclasses may configure what is put into the authentication request's details
property.
|
void |
setHttpAuthenticator(HttpAuthenticator httpAuthenticator)
Mandatory dependency.
|
void |
setLoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint filterEntryPoint)
Optional dependency, only required if multiple Crowd applications are coexisting in the same
web-application.
|
void |
setRequestToApplicationMapper(RequestToApplicationMapper requestToApplicationMapper)
Optional dependency.
|
protected void |
successfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.springframework.security.core.Authentication authResult)
Attempts to write out the successful SSO token to a cookie,
if an SSO token was generated and stored via the AuthenticationProvider.
|
protected void |
unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.springframework.security.core.AuthenticationException failed)
Attempts to remove any SSO tokens associated
with the request, effectively logging the user
out of Crowd.
|
attemptAuthentication, getPasswordParameter, getUsernameParameter, obtainPassword, obtainUsername, setPasswordParameter, setPostOnly, setUsernameParameter
afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getFilterProcessesUrl, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication
public CrowdSSOAuthenticationProcessingFilter()
protected boolean requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
requiresAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
request
- servlet request containing either username/password paramaters
or the Crowd token as a cookie.response
- servlet response to write out cookie.true
only if the filterProcessesUrl is in the request URI.protected void setDetails(javax.servlet.http.HttpServletRequest request, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authRequest)
setDetails
in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
request
- that an authentication request is being created forauthRequest
- the authentication request object that should have its details setprotected void doSetDetails(javax.servlet.http.HttpServletRequest request, org.springframework.security.authentication.AbstractAuthenticationToken authRequest)
protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authResult) throws IOException, javax.servlet.ServletException
successfulAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
request
- servlet request.response
- servlet response.authResult
- result of a successful authentication. If it is a CrowdSSOAuthenticationToken
then the SSO token will be set to the "credentials" property.IOException
- not thrown.javax.servlet.ServletException
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) throws IOException, javax.servlet.ServletException
unsuccessfulAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
request
- servlet request.response
- servlet response.failed
- not required.IOException
- not thrown.javax.servlet.ServletException
public void setHttpAuthenticator(HttpAuthenticator httpAuthenticator)
httpAuthenticator
- used to extract validation factors, set cookies and perform logouts.public void setRequestToApplicationMapper(RequestToApplicationMapper requestToApplicationMapper)
requestToApplicationMapper
- only required if multiple Crowd "applications" need to
be accessed via the same Spring Security context, eg. when one web-application corresponds to
multiple Crowd "applications".public void setLoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint filterEntryPoint)
Copyright © 2016 Atlassian. All rights reserved.