com.atlassian.crowd.integration.springsecurity

Class AbstractLocalCrowdAuthenticationProcessingFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

com.atlassian.crowd.integration.springsecurity.AbstractLocalCrowdAuthenticationProcessingFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

Direct Known Subclasses:

LocalCrowdSSOAuthenticationProcessingFilter

public abstract class AbstractLocalCrowdAuthenticationProcessingFilter
extends AbstractCrowdSSOAuthenticationProcessingFilter

Field Summary

Fields

Modifier and Type	Field and Description
protected PropertyManager	propertyManager
protected CrowdRememberMeService	rememberMeService
protected TokenAuthenticationManager	tokenAuthenticationManager

Fields inherited from class com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

clientProperties, SILENT_AUTHENTICATION_EXCEPTION_SWALLOWER, tokenHelper

Fields inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

SPRING_SECURITY_FORM_PASSWORD_KEY, SPRING_SECURITY_FORM_USERNAME_KEY

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

authenticationDetailsSource, eventPublisher, messages

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	AbstractLocalCrowdAuthenticationProcessingFilter(ClientProperties clientProperties, CrowdHttpTokenHelper tokenHelper, PropertyManager propertyManager, TokenAuthenticationManager tokenAuthenticationManager, CrowdRememberMeService rememberMeService)

Method Summary

Modifier and Type	Method and Description
protected void	appendSuppliers(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, com.google.common.collect.ImmutableList.Builder<org.apache.commons.lang3.tuple.Pair<Supplier<org.springframework.security.authentication.AbstractAuthenticationToken>,Consumer<org.springframework.security.core.AuthenticationException>>> builder)
protected void	clearRememberMeToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected CookieConfiguration	getCookieConfiguration()
protected void	successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain, org.springframework.security.core.Authentication authResult) Attempts to write out the successful SSO token to a cookie, if an SSO token was generated and stored via the AuthenticationProvider.
protected abstract boolean	userWantsToBeRemembered(javax.servlet.http.HttpServletRequest request)

Methods inherited from class com.atlassian.crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter

canUseSavedRequestToAuthenticate, doSetDetails, getAuthenticatedToken, getAuthenticationDetails, getSavedPath, onUnsuccessfulAuthentication, requiresAuthentication, setDetails, setLoginUrlAuthenticationEntryPoint, setRequestToApplicationMapper, storeTokenIfCrowd, unsuccessfulAuthentication

Methods inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

attemptAuthentication, getPasswordParameter, getUsernameParameter, obtainPassword, obtainUsername, setPasswordParameter, setPostOnly, setUsernameParameter

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

propertyManager

protected final PropertyManager propertyManager

tokenAuthenticationManager

protected final TokenAuthenticationManager tokenAuthenticationManager

rememberMeService

protected final CrowdRememberMeService rememberMeService

Constructor Detail

AbstractLocalCrowdAuthenticationProcessingFilter

protected AbstractLocalCrowdAuthenticationProcessingFilter(ClientProperties clientProperties,
                                                           CrowdHttpTokenHelper tokenHelper,
                                                           PropertyManager propertyManager,
                                                           TokenAuthenticationManager tokenAuthenticationManager,
                                                           CrowdRememberMeService rememberMeService)

Method Detail

getCookieConfiguration

protected CookieConfiguration getCookieConfiguration()

Specified by:

getCookieConfiguration in class AbstractCrowdSSOAuthenticationProcessingFilter

appendSuppliers

protected void appendSuppliers(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response,
                               com.google.common.collect.ImmutableList.Builder<org.apache.commons.lang3.tuple.Pair<Supplier<org.springframework.security.authentication.AbstractAuthenticationToken>,Consumer<org.springframework.security.core.AuthenticationException>>> builder)

Overrides:

appendSuppliers in class AbstractCrowdSSOAuthenticationProcessingFilter

successfulAuthentication

protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        javax.servlet.FilterChain filterChain,
                                        org.springframework.security.core.Authentication authResult)
                                 throws IOException,
                                        javax.servlet.ServletException

Description copied from class: AbstractCrowdSSOAuthenticationProcessingFilter

Attempts to write out the successful SSO token to a cookie, if an SSO token was generated and stored via the AuthenticationProvider.

This effectively establishes SSO when using the CrowdAuthenticationProvider in conjunction with this filter.

Overrides:

successfulAuthentication in class AbstractCrowdSSOAuthenticationProcessingFilter

Parameters:

request - servlet request.

response - servlet response.

authResult - result of a successful authentication. If it is a CrowdSSOAuthenticationToken then the SSO token will be set to the "credentials" property.

Throws:

IOException - not thrown.

javax.servlet.ServletException

clearRememberMeToken

protected void clearRememberMeToken(javax.servlet.http.HttpServletRequest request,
                                    javax.servlet.http.HttpServletResponse response)

userWantsToBeRemembered

protected abstract boolean userWantsToBeRemembered(javax.servlet.http.HttpServletRequest request)