ContextPropagatingRemoteInvocation
extends RemoteInvocation| java.lang.Object | ||
| ↳ | org.springframework.remoting.support.RemoteInvocation | |
| ↳ | org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation | |
Class Overview
The actual RemoteInvocation that is passed from the client to the server.
The principal and credentials information will be extracted from the current security context and passed to the server as part of the invocation object.
To avoid potential serialization-based attacks, this implementation interprets the values as Strings
and creates a UsernamePasswordAuthenticationToken on the server side to hold them. If a different
token type is required you can override the createAuthenticationRequest method.
Summary
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Constructs the object, storing the principal and credentials extracted from the client-side
security context.
| |||||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Invoked on the server-side.
| |||||||||||
| Protected Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Creates the server-side authentication request object.
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
org.springframework.remoting.support.RemoteInvocation
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
Public Constructors
public ContextPropagatingRemoteInvocation (MethodInvocation methodInvocation)
Constructs the object, storing the principal and credentials extracted from the client-side security context.
Parameters
| methodInvocation | the method to invoke |
|---|
Public Methods
public Object invoke (Object targetObject)
Invoked on the server-side.
The transmitted principal and credentials will be used to create an unauthenticated Authentication
instance for processing by the AuthenticationManager.
Parameters
| targetObject | the target object to apply the invocation to |
|---|
Returns
- the invocation result
Throws
| NoSuchMethodException | if the method name could not be resolved |
|---|---|
| IllegalAccessException | if the method could not be accessed |
| InvocationTargetException | if the method invocation resulted in an exception |
Protected Methods
protected Authentication createAuthenticationRequest (String principal, String credentials)
Creates the server-side authentication request object.