Class ChannelProcessingFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class ChannelProcessingFilter extends org.springframework.web.filter.GenericFilterBean
Ensures a web request is delivered over the required channel.Internally uses a
FilterInvocation
to represent the request, allowing aFilterInvocationSecurityMetadataSource
to be used to lookup the attributes which apply.Delegates the actual channel security decisions and necessary actions to the configured
ChannelDecisionManager
. If a response is committed by theChannelDecisionManager
, the filter chain will not proceed.The most common usage is to ensure that a request takes place over HTTPS, where the
ChannelDecisionManagerImpl
is configured with aSecureChannelProcessor
and anInsecureChannelProcessor
. A typical configuration would be<bean id="channelProcessingFilter" class="org.springframework.security.web.access.channel.ChannelProcessingFilter"> <property name="channelDecisionManager" ref="channelDecisionManager"/> <property name="securityMetadataSource"> <security:filter-security-metadata-source request-matcher="regex"> <security:intercept-url pattern="\A/secure/.*\Z" access="REQUIRES_SECURE_CHANNEL"/> <security:intercept-url pattern="\A/login.jsp.*\Z" access="REQUIRES_SECURE_CHANNEL"/> <security:intercept-url pattern="\A/.*\Z" access="ANY_CHANNEL"/> </security:filter-security-metadata-source> </property> </bean> <bean id="channelDecisionManager" class="org.springframework.security.web.access.channel.ChannelDecisionManagerImpl"> <property name="channelProcessors"> <list> <ref bean="secureChannelProcessor"/> <ref bean="insecureChannelProcessor"/> </list> </property> </bean> <bean id="secureChannelProcessor" class="org.springframework.security.web.access.channel.SecureChannelProcessor"/> <bean id="insecureChannelProcessor" class="org.springframework.security.web.access.channel.InsecureChannelProcessor"/>
which would force the login form and any access to the/secure
path to be made over HTTPS.
-
-
Constructor Summary
Constructors Constructor Description ChannelProcessingFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
afterPropertiesSet()
void
doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)
protected ChannelDecisionManager
getChannelDecisionManager()
protected FilterInvocationSecurityMetadataSource
getSecurityMetadataSource()
void
setChannelDecisionManager(ChannelDecisionManager channelDecisionManager)
void
setSecurityMetadataSource(FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource)
-
-
-
Method Detail
-
afterPropertiesSet
public void afterPropertiesSet()
- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
- Overrides:
afterPropertiesSet
in classorg.springframework.web.filter.GenericFilterBean
-
doFilter
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
- Throws:
java.io.IOException
javax.servlet.ServletException
-
getChannelDecisionManager
protected ChannelDecisionManager getChannelDecisionManager()
-
getSecurityMetadataSource
protected FilterInvocationSecurityMetadataSource getSecurityMetadataSource()
-
setChannelDecisionManager
public void setChannelDecisionManager(ChannelDecisionManager channelDecisionManager)
-
setSecurityMetadataSource
public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource)
-
-