HttpFirewall

org.springframework.security.web.firewall.HttpFirewall

Known Indirect Subclasses

DefaultHttpFirewall

Class Overview

Interface which can be used to reject potentially dangerous requests and/or wrap them to control their behaviour.

The implementation is injected into the FilterChainProxy and will be invoked before sending any request through the filter chain. It can also provide a response wrapper if the response behaviour should also be restricted.

Summary

Public Methods
abstract FirewalledRequest	getFirewalledRequest(HttpServletRequest request) Provides the request object which will be passed through the filter chain.
abstract HttpServletResponse	getFirewalledResponse(HttpServletResponse response) Provides the response which will be passed through the filter chain.

Public Methods

public abstract FirewalledRequest getFirewalledRequest (HttpServletRequest request)

Provides the request object which will be passed through the filter chain.

Throws

RequestRejectedException	if the request should be rejected immediately

public abstract HttpServletResponse getFirewalledResponse (HttpServletResponse response)

Provides the response which will be passed through the filter chain.

Parameters

response	the original response

Returns

either the original response or a replacement/wrapper.

Interfaces

Classes

Exceptions