org.acegisecurity.intercept.web
Class FilterSecurityInterceptor
java.lang.Object
org.acegisecurity.intercept.AbstractSecurityInterceptor
org.acegisecurity.intercept.web.FilterSecurityInterceptor
- All Implemented Interfaces:
- InitializingBean, ApplicationEventPublisherAware, MessageSourceAware
public class FilterSecurityInterceptor
- extends AbstractSecurityInterceptor
Performs security handling of HTTP resources via a filter implementation.
End users should only use this class to configure their HTTP security
configuration in an application context. They should not attempt to
invoke the FilterSecurityInterceptor except as a standard bean
registration in an application context. At runtime, this class will provide
services to web applications via the SecurityEnforcementFilter.
The ObjectDefinitionSource required by this security
interceptor is of type FilterInvocationDefinitionSource.
Refer to AbstractSecurityInterceptor for details on the workflow.
- Version:
- $Id: FilterSecurityInterceptor.java,v 1.6 2005/11/17 00:55:50 benalex Exp $
- Author:
- Ben Alex
| Methods inherited from class org.acegisecurity.intercept.AbstractSecurityInterceptor |
afterInvocation, afterPropertiesSet, beforeInvocation, getAccessDecisionManager, getAfterInvocationManager, getAuthenticationManager, getRunAsManager, isAlwaysReauthenticate, isRejectPublicInvocations, isValidateConfigAttributes, setAccessDecisionManager, setAfterInvocationManager, setAlwaysReauthenticate, setApplicationEventPublisher, setAuthenticationManager, setMessageSource, setRejectPublicInvocations, setRunAsManager, setValidateConfigAttributes |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
FilterSecurityInterceptor
public FilterSecurityInterceptor()
setObjectDefinitionSource
public void setObjectDefinitionSource(FilterInvocationDefinitionSource newSource)
getObjectDefinitionSource
public FilterInvocationDefinitionSource getObjectDefinitionSource()
setObserveOncePerRequest
public void setObserveOncePerRequest(boolean observeOncePerRequest)
isObserveOncePerRequest
public boolean isObserveOncePerRequest()
- Indicates whether once-per-request handling will be observed. By default
this is
true, meaning the
FilterSecurityInterceptor will only execute
once-per-request. Sometimes users may wish it to execute more than once
per request, such as when JSP forwards are being used and filter
security is desired on each included fragment of the HTTP request.
- Returns:
true (the default) if once-per-request is honoured,
otherwise false if
FilterSecurityInterceptor will enforce
authorizations for each and every fragment of the HTTP request.
getSecureObjectClass
public Class getSecureObjectClass()
- Description copied from class:
AbstractSecurityInterceptor
- Indicates the type of secure objects the subclass will be presenting
to the abstract parent for processing. This is used to ensure
collaborators wired to the
AbstractSecurityInterceptor
all support the indicated secure object class.
- Specified by:
getSecureObjectClass in class AbstractSecurityInterceptor
- Returns:
- the type of secure object the subclass provides services for
invoke
public void invoke(FilterInvocation fi)
throws Throwable
- Throws:
Throwable
obtainObjectDefinitionSource
public ObjectDefinitionSource obtainObjectDefinitionSource()
- Specified by:
obtainObjectDefinitionSource in class AbstractSecurityInterceptor
Copyright © 2004-2005 Acegi Technology Pty Limited. All Rights Reserved.