public class

InsecureChannelProcessor

extends Object
implements InitializingBean ChannelProcessor
java.lang.Object
   ↳ org.springframework.security.web.access.channel.InsecureChannelProcessor

Class Overview

Ensures channel security is inactive by review of HttpServletRequest.isSecure() responses.

The class responds to one case-sensitive keyword, getInsecureKeyword(). If this keyword is detected, HttpServletRequest.isSecure() is used to determine the channel security offered. If channel security is present, the configured ChannelEntryPoint is called. By default the entry point is RetryWithHttpEntryPoint.

The default insecureKeyword is REQUIRES_INSECURE_CHANNEL.

Summary

Public Constructors
InsecureChannelProcessor()
Public Methods
void afterPropertiesSet()
void decide(FilterInvocation invocation, Collection<ConfigAttribute> config)
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
ChannelEntryPoint getEntryPoint()
String getInsecureKeyword()
void setEntryPoint(ChannelEntryPoint entryPoint)
void setInsecureKeyword(String secureKeyword)
boolean supports(ConfigAttribute attribute)
Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.beans.factory.InitializingBean
From interface org.springframework.security.web.access.channel.ChannelProcessor

Public Constructors

public InsecureChannelProcessor ()

Public Methods

public void afterPropertiesSet ()

Throws
Exception

public void decide (FilterInvocation invocation, Collection<ConfigAttribute> config)

Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.

Throws
IOException
ServletException

public ChannelEntryPoint getEntryPoint ()

public String getInsecureKeyword ()

public void setEntryPoint (ChannelEntryPoint entryPoint)

public void setInsecureKeyword (String secureKeyword)

public boolean supports (ConfigAttribute attribute)

Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.

This allows the ChannelProcessingFilter to check every configuration attribute can be consumed by the configured ChannelDecisionManager.

Parameters
attribute a configuration attribute that has been configured against the ChannelProcessingFilter.
Returns
  • true if this ChannelProcessor can support the passed configuration attribute