public class

SecureChannelProcessor

extends Object
implements InitializingBean ChannelProcessor
java.lang.Object
   ↳ org.springframework.security.web.access.channel.SecureChannelProcessor

Class Overview

Ensures channel security is active by review of HttpServletRequest.isSecure() responses.

The class responds to one case-sensitive keyword, getSecureKeyword(). If this keyword is detected, HttpServletRequest.isSecure() is used to determine the channel security offered. If channel security is not present, the configured ChannelEntryPoint is called. By default the entry point is RetryWithHttpsEntryPoint.

The default secureKeyword is REQUIRES_SECURE_CHANNEL.

Summary

Public Constructors
SecureChannelProcessor()
Public Methods
void afterPropertiesSet()
void decide(FilterInvocation invocation, Collection<ConfigAttribute> config)
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
ChannelEntryPoint getEntryPoint()
String getSecureKeyword()
void setEntryPoint(ChannelEntryPoint entryPoint)
void setSecureKeyword(String secureKeyword)
boolean supports(ConfigAttribute attribute)
Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.beans.factory.InitializingBean
From interface org.springframework.security.web.access.channel.ChannelProcessor

Public Constructors

public SecureChannelProcessor ()

Public Methods

public void afterPropertiesSet ()

Throws
Exception

public void decide (FilterInvocation invocation, Collection<ConfigAttribute> config)

Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.

Throws
IOException
ServletException

public ChannelEntryPoint getEntryPoint ()

public String getSecureKeyword ()

public void setEntryPoint (ChannelEntryPoint entryPoint)

public void setSecureKeyword (String secureKeyword)

public boolean supports (ConfigAttribute attribute)

Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.

This allows the ChannelProcessingFilter to check every configuration attribute can be consumed by the configured ChannelDecisionManager.

Parameters
attribute a configuration attribute that has been configured against the ChannelProcessingFilter.
Returns
  • true if this ChannelProcessor can support the passed configuration attribute