org.acegisecurity.ui.x509
Class X509ProcessingFilter

java.lang.Object
  extended by org.acegisecurity.ui.x509.X509ProcessingFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware

public class X509ProcessingFilter
extends Object
implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware

Processes the X.509 certificate submitted by a client browser when HTTPS is used with client-authentication enabled.

An X509AuthenticationToken is created with the certificate as the credentials.

The configured authentication manager is expected to supply a provider which can handle this token (usually an instance of X509AuthenticationProvider).

If authentication is successful, an InteractiveAuthenticationSuccessEvent will be published to the application context. No events will be published if authentication was unsuccessful, because this would generally be recorded via an AuthenticationManager-specific application event.

Do not use this class directly. Instead configure web.xml to use the FilterToBeanProxy.

Version:
$Id: X509ProcessingFilter.java 1784 2007-02-24 21:00:24Z luke_t $
Author:
Luke Taylor

Constructor Summary
X509ProcessingFilter()
           
 
Method Summary
 void afterPropertiesSet()
           
 void destroy()
           
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)
          This method first checks for an existing, non-null authentication in the secure context.
 void init(javax.servlet.FilterConfig ignored)
           
 void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher context)
           
 void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)
           
 void setAuthenticationManager(AuthenticationManager authenticationManager)
           
protected  void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authResult)
          Puts the Authentication instance returned by the authentication manager into the secure context.
protected  void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException failed)
          Ensures the authentication object in the secure context is set to null when authentication fails.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

X509ProcessingFilter

public X509ProcessingFilter()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
Exception

destroy

public void destroy()
Specified by:
destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain filterChain)
              throws IOException,
                     javax.servlet.ServletException
This method first checks for an existing, non-null authentication in the secure context. If one is found it does nothing.

If no authentication object exists, it attempts to obtain the client authentication certificate from the request. If there is no certificate present then authentication is skipped. Otherwise a new authentication request containing the certificate will be passed to the configured AuthenticationManager.

If authentication is successful the returned token will be stored in the secure context. Otherwise it will be set to null. In either case, the request proceeds through the filter chain.

Specified by:
doFilter in interface javax.servlet.Filter
Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
filterChain - DOCUMENT ME!
Throws:
IOException - DOCUMENT ME!
javax.servlet.ServletException - DOCUMENT ME!

init

public void init(javax.servlet.FilterConfig ignored)
          throws javax.servlet.ServletException
Specified by:
init in interface javax.servlet.Filter
Throws:
javax.servlet.ServletException

setApplicationEventPublisher

public void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher context)
Specified by:
setApplicationEventPublisher in interface org.springframework.context.ApplicationEventPublisherAware

setAuthenticationDetailsSource

public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource)

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

successfulAuthentication

protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        Authentication authResult)
                                 throws IOException
Puts the Authentication instance returned by the authentication manager into the secure context.

Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
authResult - DOCUMENT ME!
Throws:
IOException - DOCUMENT ME!

unsuccessfulAuthentication

protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          AuthenticationException failed)
Ensures the authentication object in the secure context is set to null when authentication fails.

Parameters:
request - DOCUMENT ME!
response - DOCUMENT ME!
failed - DOCUMENT ME!


Copyright © 2004-2011 Interface21, Inc. All Rights Reserved.