java.lang.Object | ||
↳ | org.springframework.web.filter.GenericFilterBean | |
↳ | org.springframework.security.web.jaasapi.JaasApiIntegrationFilter |
A Filter
which attempts to obtain a JAAS Subject
and continue the FilterChain
running as that
Subject
.
By using this Filter
in conjunction with Spring's
JaasAuthenticationProvider
both Spring's
SecurityContext
and a JAAS Subject
can be populated
simultaneously. This is useful when integrating with code that requires a
JAAS Subject
to be populated.
[Expand]
Inherited Fields | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
org.springframework.web.filter.GenericFilterBean
|
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Attempts to obtain and run as a JAAS | |||||||||||
Sets
createEmptySubject . |
Protected Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Obtains the |
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
org.springframework.web.filter.GenericFilterBean
| |||||||||||
From class
java.lang.Object
| |||||||||||
From interface
javax.servlet.Filter
| |||||||||||
From interface
org.springframework.beans.factory.BeanNameAware
| |||||||||||
From interface
org.springframework.beans.factory.DisposableBean
| |||||||||||
From interface
org.springframework.beans.factory.InitializingBean
| |||||||||||
From interface
org.springframework.web.context.ServletContextAware
|
Attempts to obtain and run as a JAAS Subject
using
obtainSubject(ServletRequest)
.
If the Subject
is null
and
createEmptySubject is true
, an empty, writeable
Subject
is used. This allows for the Subject
to
be populated at the time of login. If the Subject
is
null
, the FilterChain
continues with no
additional processing. If the Subject
is not
null
, the FilterChain
is ran with
doAs(Subject, PrivilegedExceptionAction)
in conjunction
with the Subject
obtained.
IOException | |
---|---|
ServletException |
Sets createEmptySubject
. If the value is true
,
and obtainSubject(ServletRequest)
returns null
, an
empty, writeable Subject
is created instead. Otherwise no
Subject
is used. The default is false
.
createEmptySubject | the new value |
---|
Obtains the Subject
to run as or null
if no
Subject
is available.
The default implementation attempts to obtain the Subject
from the SecurityContext
's Authentication
. If
it is of type JaasAuthenticationToken
and is authenticated,
the Subject
is returned from it. Otherwise,
null
is returned.
request | the current ServletRequest |
---|
null
if no
Subject
is available.