public abstract class

SaveContextOnUpdateOrErrorResponseWrapper

extends HttpServletResponseWrapper

java.lang.Object
↳	javax.servlet.ServletResponseWrapper
	↳	javax.servlet.http.HttpServletResponseWrapper
		↳	org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper

Class Overview

Base class for response wrappers which encapsulate the logic for storing a security context and which store the with the SecurityContext when a sendError() or sendRedirect happens. See issue SEC-398.

Sub-classes should implement the saveContext(SecurityContext) method.

Support is also provided for disabling URL rewriting

Summary

[Expand]

Inherited Constants

From interface javax.servlet.http.HttpServletResponse

int	SC_ACCEPTED
int	SC_BAD_GATEWAY
int	SC_BAD_REQUEST
int	SC_CONFLICT
int	SC_CONTINUE
int	SC_CREATED
int	SC_EXPECTATION_FAILED
int	SC_FORBIDDEN
int	SC_FOUND
int	SC_GATEWAY_TIMEOUT
int	SC_GONE
int	SC_HTTP_VERSION_NOT_SUPPORTED
int	SC_INTERNAL_SERVER_ERROR
int	SC_LENGTH_REQUIRED
int	SC_METHOD_NOT_ALLOWED
int	SC_MOVED_PERMANENTLY
int	SC_MOVED_TEMPORARILY
int	SC_MULTIPLE_CHOICES
int	SC_NON_AUTHORITATIVE_INFORMATION
int	SC_NOT_ACCEPTABLE
int	SC_NOT_FOUND
int	SC_NOT_IMPLEMENTED
int	SC_NOT_MODIFIED
int	SC_NO_CONTENT
int	SC_OK
int	SC_PARTIAL_CONTENT
int	SC_PAYMENT_REQUIRED
int	SC_PRECONDITION_FAILED
int	SC_PROXY_AUTHENTICATION_REQUIRED
int	SC_REQUESTED_RANGE_NOT_SATISFIABLE
int	SC_REQUEST_ENTITY_TOO_LARGE
int	SC_REQUEST_TIMEOUT
int	SC_REQUEST_URI_TOO_LONG
int	SC_RESET_CONTENT
int	SC_SEE_OTHER
int	SC_SERVICE_UNAVAILABLE
int	SC_SWITCHING_PROTOCOLS
int	SC_TEMPORARY_REDIRECT
int	SC_UNAUTHORIZED
int	SC_UNSUPPORTED_MEDIA_TYPE
int	SC_USE_PROXY

Public Constructors
	SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse response, boolean disableUrlRewriting)

Public Methods
final String	encodeRedirectURL(String url)
final String	encodeRedirectUrl(String url)
final String	encodeURL(String url)
final String	encodeUrl(String url)
final boolean	isContextSaved() Tells if the response wrapper has called `saveContext()` because of an error or redirect.
final void	sendError(int sc) Makes sure the session is updated before calling the superclass `sendError()`
final void	sendError(int sc, String msg) Makes sure the session is updated before calling the superclass `sendError()`
final void	sendRedirect(String location) Makes sure the context is stored before calling the superclass `sendRedirect()`

Protected Methods
abstract void	saveContext(SecurityContext context) Implements the logic for storing the security context.

[Expand]

Inherited Methods

From class javax.servlet.http.HttpServletResponseWrapper

void	addCookie(Cookie arg0)
void	addDateHeader(String arg0, long arg1)
void	addHeader(String arg0, String arg1)
void	addIntHeader(String arg0, int arg1)
boolean	containsHeader(String arg0)
String	encodeRedirectURL(String arg0)
String	encodeRedirectUrl(String arg0)
String	encodeURL(String arg0)
String	encodeUrl(String arg0)
void	sendError(int arg0, String arg1)
void	sendError(int arg0)
void	sendRedirect(String arg0)
void	setDateHeader(String arg0, long arg1)
void	setHeader(String arg0, String arg1)
void	setIntHeader(String arg0, int arg1)
void	setStatus(int arg0)
void	setStatus(int arg0, String arg1)

From class javax.servlet.ServletResponseWrapper

void	flushBuffer()
int	getBufferSize()
String	getCharacterEncoding()
String	getContentType()
Locale	getLocale()
ServletOutputStream	getOutputStream()
ServletResponse	getResponse()
PrintWriter	getWriter()
boolean	isCommitted()
void	reset()
void	resetBuffer()
void	setBufferSize(int arg0)
void	setCharacterEncoding(String arg0)
void	setContentLength(int arg0)
void	setContentType(String arg0)
void	setLocale(Locale arg0)
void	setResponse(ServletResponse arg0)

From class java.lang.Object

From interface javax.servlet.ServletResponse

abstract void	flushBuffer()
abstract int	getBufferSize()
abstract String	getCharacterEncoding()
abstract String	getContentType()
abstract Locale	getLocale()
abstract ServletOutputStream	getOutputStream()
abstract PrintWriter	getWriter()
abstract boolean	isCommitted()
abstract void	reset()
abstract void	resetBuffer()
abstract void	setBufferSize(int arg0)
abstract void	setCharacterEncoding(String arg0)
abstract void	setContentLength(int arg0)
abstract void	setContentType(String arg0)
abstract void	setLocale(Locale arg0)

From interface javax.servlet.http.HttpServletResponse

abstract void	addCookie(Cookie arg0)
abstract void	addDateHeader(String arg0, long arg1)
abstract void	addHeader(String arg0, String arg1)
abstract void	addIntHeader(String arg0, int arg1)
abstract boolean	containsHeader(String arg0)
abstract String	encodeRedirectURL(String arg0)
abstract String	encodeRedirectUrl(String arg0)
abstract String	encodeURL(String arg0)
abstract String	encodeUrl(String arg0)
abstract void	sendError(int arg0, String arg1)
abstract void	sendError(int arg0)
abstract void	sendRedirect(String arg0)
abstract void	setDateHeader(String arg0, long arg1)
abstract void	setHeader(String arg0, String arg1)
abstract void	setIntHeader(String arg0, int arg1)
abstract void	setStatus(int arg0)
abstract void	setStatus(int arg0, String arg1)

Public Constructors

public SaveContextOnUpdateOrErrorResponseWrapper (HttpServletResponse response, boolean disableUrlRewriting)

Parameters

response	the response to be wrapped
disableUrlRewriting	turns the URL encoding methods into null operations, preventing the use of URL rewriting to add the session identifier as a URL parameter.

Public Methods

public final String encodeRedirectURL (String url)

public final String encodeRedirectUrl (String url)

public final String encodeURL (String url)

public final String encodeUrl (String url)

public final boolean isContextSaved ()

Tells if the response wrapper has called saveContext() because of an error or redirect.

public final void sendError (int sc)

Makes sure the session is updated before calling the superclass sendError()

Throws

IOException

public final void sendError (int sc, String msg)

Makes sure the session is updated before calling the superclass sendError()

Throws

IOException

public final void sendRedirect (String location)

Makes sure the context is stored before calling the superclass sendRedirect()

Throws

IOException

Protected Methods

protected abstract void saveContext (SecurityContext context)

Implements the logic for storing the security context.

Parameters

context	the `SecurityContext` instance to store

Interfaces

Classes

SaveContextOnUpdateOrErrorResponseWrapper

Class Overview

Summary

Public Constructors

public SaveContextOnUpdateOrErrorResponseWrapper (HttpServletResponse response, boolean disableUrlRewriting)

Parameters

Public Methods

public final String encodeRedirectURL (String url)

public final String encodeRedirectUrl (String url)

public final String encodeURL (String url)

public final String encodeUrl (String url)

public final boolean isContextSaved ()

public final void sendError (int sc)

Throws

public final void sendError (int sc, String msg)

Throws

public final void sendRedirect (String location)

Throws

Protected Methods

protected abstract void saveContext (SecurityContext context)

Parameters