org.springframework.security.web.context.SecurityContextRepository |
Known Indirect Subclasses |
Strategy used for persisting a SecurityContext
between requests.
Used by SecurityContextPersistenceFilter
to obtain the context which should be used for the current thread
of execution and to store the context once it has been removed from thread-local storage and the request has
completed.
The persistence mechanism used will depend on the implementation, but most commonly the HttpSession will be used to store the context.
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Allows the repository to be queried as to whether it contains a security context for the
current request.
| |||||||||||
Obtains the security context for the supplied request.
| |||||||||||
Stores the security context on completion of a request.
|
Allows the repository to be queried as to whether it contains a security context for the current request.
request | the current request |
---|
Obtains the security context for the supplied request. For an unauthenticated user, an empty context implementation should be returned. This method should not return null.
The use of the HttpRequestResponseHolder parameter allows implementations to return wrapped versions of
the request or response (or both), allowing them to access implementation-specific state for the request.
The values obtained from the holder will be passed on to the filter chain and also to the saveContext
method when it is finally called. Implementations may wish to return a subclass of
SaveContextOnUpdateOrErrorResponseWrapper
as the response object, which guarantees that the context is
persisted when an error or redirect occurs.
requestResponseHolder | holder for the current request and response for which the context should be loaded. |
---|
Stores the security context on completion of a request.
context | the non-null context which was obtained from the holder. |
---|