| java.lang.Object org.acegisecurity.ui.AbstractProcessingFilter org.acegisecurity.ui.cas.CasProcessingFilter
CasProcessingFilter | public class CasProcessingFilter extends AbstractProcessingFilter (Code) | | Processes a CAS service ticket. A service ticket consists of an opaque ticket string. It arrives at this
filter by the user's browser successfully authenticating using CAS, and then receiving a HTTP redirect to a
service . The opaque ticket string is presented in the ticket request parameter. This
filter monitors the service URL so it can receive the service ticket and process it. The CAS server
knows which service URL to use via the
ServiceProperties.getService method.
Processing the service ticket involves creating a UsernamePasswordAuthenticationToken which
uses
CasProcessingFilter.CAS_STATEFUL_IDENTIFIER for the principal and the opaque ticket string as the
credentials .
The configured AuthenticationManager is expected to provide a provider that can recognise
UsernamePasswordAuthenticationToken s containing this special principal name, and process
them accordingly by validation with the CAS server.
Do not use this class directly. Instead configure web.xml to use the
org.acegisecurity.util.FilterToBeanProxy .
author: Ben Alex version: $Id: CasProcessingFilter.java 1496 2006-05-23 13:38:33Z benalex $ |
Field Summary | |
final public static String | CAS_STATEFUL_IDENTIFIER Used to identify a CAS request for a stateful user agent, such as a web browser. | final public static String | CAS_STATELESS_IDENTIFIER Used to identify a CAS request for a stateless user agent, such as a remoting protocol client (eg
Hessian, Burlap, SOAP etc). |
CAS_STATEFUL_IDENTIFIER | final public static String CAS_STATEFUL_IDENTIFIER(Code) | | Used to identify a CAS request for a stateful user agent, such as a web browser.
|
CAS_STATELESS_IDENTIFIER | final public static String CAS_STATELESS_IDENTIFIER(Code) | | Used to identify a CAS request for a stateless user agent, such as a remoting protocol client (eg
Hessian, Burlap, SOAP etc). Results in a more aggressive caching strategy being used, as the absence of a
HttpSession will result in a new authentication attempt on every request.
|
getDefaultFilterProcessesUrl | public String getDefaultFilterProcessesUrl()(Code) | | This filter by default responds to /j_acegi_cas_security_check .
the default |
Methods inherited from org.acegisecurity.ui.AbstractProcessingFilter | public void afterPropertiesSet() throws Exception(Code)(Java Doc) abstract public Authentication attemptAuthentication(HttpServletRequest request) throws AuthenticationException(Code)(Java Doc) public void destroy()(Code)(Java Doc) protected String determineFailureUrl(HttpServletRequest request, AuthenticationException failed)(Code)(Java Doc) protected String determineTargetUrl(HttpServletRequest request)(Code)(Java Doc) public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException(Code)(Java Doc) public AuthenticationDetailsSource getAuthenticationDetailsSource()(Code)(Java Doc) public String getAuthenticationFailureUrl()(Code)(Java Doc) public AuthenticationManager getAuthenticationManager()(Code)(Java Doc) abstract public String getDefaultFilterProcessesUrl()(Code)(Java Doc) public String getDefaultTargetUrl()(Code)(Java Doc) public Properties getExceptionMappings()(Code)(Java Doc) public String getFilterProcessesUrl()(Code)(Java Doc) public RememberMeServices getRememberMeServices()(Code)(Java Doc) public void init(FilterConfig arg0) throws ServletException(Code)(Java Doc) public boolean isAlwaysUseDefaultTargetUrl()(Code)(Java Doc) public boolean isContinueChainBeforeSuccessfulAuthentication()(Code)(Java Doc) public static String obtainFullRequestUrl(HttpServletRequest request)(Code)(Java Doc) protected void onPreAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException(Code)(Java Doc) protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException(Code)(Java Doc) protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException(Code)(Java Doc) protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response)(Code)(Java Doc) protected void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url) throws IOException(Code)(Java Doc) public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl)(Code)(Java Doc) public void setApplicationEventPublisher(ApplicationEventPublisher eventPublisher)(Code)(Java Doc) public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)(Code)(Java Doc) public void setAuthenticationFailureUrl(String authenticationFailureUrl)(Code)(Java Doc) public void setAuthenticationManager(AuthenticationManager authenticationManager)(Code)(Java Doc) public void setBufferSize(int bufferSize)(Code)(Java Doc) public void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)(Code)(Java Doc) public void setDefaultTargetUrl(String defaultTargetUrl)(Code)(Java Doc) public void setExceptionMappings(Properties exceptionMappings)(Code)(Java Doc) public void setFilterProcessesUrl(String filterProcessesUrl)(Code)(Java Doc) public void setMessageSource(MessageSource messageSource)(Code)(Java Doc) public void setRememberMeServices(RememberMeServices rememberMeServices)(Code)(Java Doc) public void setUseRelativeContext(boolean useRelativeContext)(Code)(Java Doc) protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException(Code)(Java Doc) protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException(Code)(Java Doc)
|
|
|