public
class
implements InitializingBean
AnonymousAuthenticationFilter
extends GenericFilterBeanimplements InitializingBean
| java.lang.Object | ||
| ↳ | org.springframework.web.filter.GenericFilterBean | |
| ↳ | org.springframework.security.web.authentication.AnonymousAuthenticationFilter | |
Class Overview
Detects if there is no Authentication object in the SecurityContextHolder, and
populates it with one if needed.
Summary
|
[Expand]
Inherited Fields | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
 From class
org.springframework.web.filter.GenericFilterBean
| |||||||||||
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
This constructor is deprecated.
Use constructor injection version
| |||||||||||
Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
| |||||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
This method is deprecated.
use constructor injection instead
| |||||||||||
This method is deprecated.
use constructor injection instead
| |||||||||||
| Protected Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
This method is deprecated.
no obvious use case and can easily be achieved by other means
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
From class
org.springframework.web.filter.GenericFilterBean
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
|
From interface
javax.servlet.Filter
| |||||||||||
|
From interface
org.springframework.beans.factory.BeanNameAware
| |||||||||||
|
From interface
org.springframework.beans.factory.DisposableBean
| |||||||||||
|
From interface
org.springframework.beans.factory.InitializingBean
| |||||||||||
|
From interface
org.springframework.web.context.ServletContextAware
| |||||||||||
Public Constructors
public AnonymousAuthenticationFilter ()
This constructor is deprecated.
Use constructor injection version
public AnonymousAuthenticationFilter (String key)
Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
Parameters
| key | the key to identify tokens created by this filter |
|---|
public AnonymousAuthenticationFilter (String key, Object principal, List<GrantedAuthority> authorities)
Parameters
| key | key the key to identify tokens created by this filter |
|---|---|
| principal | the principal which will be used to represent anonymous users |
| authorities | the authority list for anonymous users |
Public Methods
public void afterPropertiesSet ()
public void doFilter (ServletRequest req, ServletResponse res, FilterChain chain)
Throws
| IOException | |
|---|---|
| ServletException |
public void setAuthenticationDetailsSource (AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource)
public void setUserAttribute (UserAttribute userAttributeDefinition)
This method is deprecated.
use constructor injection instead
Protected Methods
protected boolean applyAnonymousForThisRequest (HttpServletRequest request)
This method is deprecated.
no obvious use case and can easily be achieved by other means
Enables subclasses to determine whether or not an anonymous authentication token should be setup for this request. This is useful if anonymous authentication should be allowed only for specific IP subnet ranges etc.
Parameters
| request | to assist the method determine request details |
|---|
Returns
trueif the anonymous token should be setup for this request (provided that the request doesn't already have some otherAuthenticationinside it), orfalseif no anonymous token should be setup for this request