Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity.ui.digestauth
Class DigestProcessingFilterEntryPoint

java.lang.Object
  extended by org.acegisecurity.ui.digestauth.DigestProcessingFilterEntryPoint
All Implemented Interfaces:
AuthenticationEntryPoint, InitializingBean
public class DigestProcessingFilterEntryPoint
extends Object
implements AuthenticationEntryPoint, InitializingBean

Used by the SecurityEnforcementFilter to commence authentication via the DigestProcessingFilter.

The nonce sent back to the user agent will be valid for the period indicated by setNonceValiditySeconds(int). By default this is 300 seconds. Shorter times should be used if replay attacks are a major concern. Larger values can be used if performance is a greater concern. This class correctly presents the stale=true header when the nonce has expierd, so properly implemented user agents will automatically renegotiate with a new nonce value (ie without presenting a new password dialog box to the user).

Version:
$Id: DigestProcessingFilterEntryPoint.java,v 1.2 2005/11/17 00:56:10 benalex Exp $
Author:
Ben Alex

Constructor Summary
DigestProcessingFilterEntryPoint()
           
 
Method Summary
 void afterPropertiesSet()
           
 void commence(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, AuthenticationException authException)
          Commences an authentication scheme.
 String getKey()
           
 int getNonceValiditySeconds()
           
 String getRealmName()
           
 void setKey(String key)
           
 void setNonceValiditySeconds(int nonceValiditySeconds)
           
 void setRealmName(String realmName)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DigestProcessingFilterEntryPoint

public DigestProcessingFilterEntryPoint()
Method Detail

setKey

public void setKey(String key)

getKey

public String getKey()

setNonceValiditySeconds

public void setNonceValiditySeconds(int nonceValiditySeconds)

getNonceValiditySeconds

public int getNonceValiditySeconds()

setRealmName

public void setRealmName(String realmName)

getRealmName

public String getRealmName()

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

commence

public void commence(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     AuthenticationException authException)
              throws IOException,
                     javax.servlet.ServletException
Description copied from interface: AuthenticationEntryPoint
Commences an authentication scheme.

SecurityEnforcementFilter will populate the HttpSession attribute named AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY with the requested target URL before calling this method.

Implementations should modify the headers on the ServletResponse as necessary to commence the authentication process.

Specified by:
commence in interface AuthenticationEntryPoint
Parameters:
request - that resulted in an AuthenticationException
response - so that the user agent can begin authentication
authException - that caused the invocation
Throws:
IOException
javax.servlet.ServletException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2005 Acegi Technology Pty Limited. All Rights Reserved.