public class DigestProcessingFilterEntryPoint extends Object implements AuthenticationEntryPoint, org.springframework.beans.factory.InitializingBean, org.springframework.core.Ordered
SecurityEnforcementFilter
to commence authentication via the DigestProcessingFilter
.The nonce sent back to the user agent will be valid for the period indicated by
setNonceValiditySeconds(int)
. By default this is 300 seconds. Shorter times should be used if replay
attacks are a major concern. Larger values can be used if performance is a greater concern. This class correctly
presents the stale=true
header when the nonce has expierd, so properly implemented user agents will
automatically renegotiate with a new nonce value (ie without presenting a new password dialog box to the user).
Constructor and Description |
---|
DigestProcessingFilterEntryPoint() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
void |
commence(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
AuthenticationException authException)
Commences an authentication scheme.
|
String |
getKey() |
int |
getNonceValiditySeconds() |
int |
getOrder() |
String |
getRealmName() |
void |
setKey(String key) |
void |
setNonceValiditySeconds(int nonceValiditySeconds) |
void |
setOrder(int order) |
void |
setRealmName(String realmName) |
public int getOrder()
getOrder
in interface org.springframework.core.Ordered
public void setOrder(int order)
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
public void commence(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, AuthenticationException authException) throws IOException, javax.servlet.ServletException
AuthenticationEntryPoint
SecurityEnforcementFilter
will populate the
HttpSession
attribute named
AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY
with the requested target URL before
calling this method.
Implementations should modify the headers on the ServletResponse
as necessary to
commence the authentication process.
commence
in interface AuthenticationEntryPoint
request
- that resulted in an AuthenticationException
response
- so that the user agent can begin authenticationauthException
- that caused the invocationIOException
- DOCUMENT ME!javax.servlet.ServletException
- DOCUMENT ME!public String getKey()
public int getNonceValiditySeconds()
public String getRealmName()
public void setKey(String key)
public void setNonceValiditySeconds(int nonceValiditySeconds)
public void setRealmName(String realmName)
Copyright © 2017. All rights reserved.