Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity.ui.x509
Class X509ProcessingFilter

java.lang.Object
  extended by org.acegisecurity.ui.x509.X509ProcessingFilter
All Implemented Interfaces:
javax.servlet.Filter, InitializingBean, ApplicationEventPublisherAware
public class X509ProcessingFilter
extends Object
implements javax.servlet.Filter, InitializingBean, ApplicationEventPublisherAware

Processes the X.509 certificate submitted by a client browser when HTTPS is used with client-authentication enabled.

An X509AuthenticationToken is created with the certificate as the credentials.

The configured authentication manager is expected to supply a provider which can handle this token (usually an instance of X509AuthenticationProvider).

If authentication is successful, an InteractiveAuthenticationSuccessEvent will be published to the application context. No events will be published if authentication was unsuccessful, because this would generally be recorded via an AuthenticationManager-specific application event.

Do not use this class directly. Instead configure web.xml to use the FilterToBeanProxy.

Version:
$Id: X509ProcessingFilter.java,v 1.13 2005/11/17 00:56:28 benalex Exp $
Author:
Luke Taylor

Constructor Summary
X509ProcessingFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
 void destroy()
           
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)
          This method first checks for an existing, non-null authentication in the secure context.
 void init(javax.servlet.FilterConfig ignored)
           
 void setApplicationEventPublisher(ApplicationEventPublisher context)
           
 void setAuthenticationManager(AuthenticationManager authenticationManager)
           
protected  void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authResult)
          Puts the Authentication instance returned by the authentication manager into the secure context.
protected  void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException failed)
          Ensures the authentication object in the secure context is set to null when authentication fails.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

X509ProcessingFilter

public X509ProcessingFilter()
Method Detail

setApplicationEventPublisher

public void setApplicationEventPublisher(ApplicationEventPublisher context)
Specified by:
setApplicationEventPublisher in interface ApplicationEventPublisherAware

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

destroy

public void destroy()
Specified by:
destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain filterChain)
              throws IOException,
                     javax.servlet.ServletException
This method first checks for an existing, non-null authentication in the secure context. If one is found it does nothing.

If no authentication object exists, it attempts to obtain the client authentication certificate from the request. If there is no certificate present then authentication is skipped. Otherwise a new authentication request containing the certificate will be passed to the configured AuthenticationManager.

If authentication is successful the returned token will be stored in the secure context. Otherwise it will be set to null. In either case, the request proceeds through the filter chain.

Specified by:
doFilter in interface javax.servlet.Filter
Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
filterChain - DOCUMENT ME!
Throws:
IOException - DOCUMENT ME!
javax.servlet.ServletException - DOCUMENT ME!

init

public void init(javax.servlet.FilterConfig ignored)
          throws javax.servlet.ServletException
Specified by:
init in interface javax.servlet.Filter
Throws:
javax.servlet.ServletException

successfulAuthentication

protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        Authentication authResult)
                                 throws IOException
Puts the Authentication instance returned by the authentication manager into the secure context.

Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
authResult - DOCUMENT ME!
Throws:
IOException - DOCUMENT ME!

unsuccessfulAuthentication

protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          AuthenticationException failed)
Ensures the authentication object in the secure context is set to null when authentication fails.

Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
failed - DOCUMENT ME!
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2005 Acegi Technology Pty Limited. All Rights Reserved.