java.lang.Object |
↳ |
javax.servlet.ServletRequestWrapper |
|
↳ |
javax.servlet.http.HttpServletRequestWrapper |
|
|
↳ |
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper |
Class Overview
A Spring Security-aware HttpServletRequestWrapper
, which uses the
SecurityContext
-defined Authentication
object to implement the servlet API security
methods isUserInRole(String)
and getRemoteUser()
.
Summary
[Expand]
Inherited Constants |
From interface
javax.servlet.http.HttpServletRequest
|
[Expand]
Inherited Methods |
From class
javax.servlet.http.HttpServletRequestWrapper
String
|
getAuthType()
|
String
|
getContextPath()
|
Cookie[]
|
getCookies()
|
long
|
getDateHeader(String arg0)
|
String
|
getHeader(String arg0)
|
Enumeration
|
getHeaderNames()
|
Enumeration
|
getHeaders(String arg0)
|
int
|
getIntHeader(String arg0)
|
String
|
getMethod()
|
String
|
getPathInfo()
|
String
|
getPathTranslated()
|
String
|
getQueryString()
|
String
|
getRemoteUser()
|
String
|
getRequestURI()
|
StringBuffer
|
getRequestURL()
|
String
|
getRequestedSessionId()
|
String
|
getServletPath()
|
HttpSession
|
getSession(boolean arg0)
|
HttpSession
|
getSession()
|
Principal
|
getUserPrincipal()
|
boolean
|
isRequestedSessionIdFromCookie()
|
boolean
|
isRequestedSessionIdFromURL()
|
boolean
|
isRequestedSessionIdFromUrl()
|
boolean
|
isRequestedSessionIdValid()
|
boolean
|
isUserInRole(String arg0)
|
|
From class
javax.servlet.ServletRequestWrapper
|
From class
java.lang.Object
Object
|
clone()
|
boolean
|
equals(Object arg0)
|
void
|
finalize()
|
final
Class<?>
|
getClass()
|
int
|
hashCode()
|
final
void
|
notify()
|
final
void
|
notifyAll()
|
String
|
toString()
|
final
void
|
wait()
|
final
void
|
wait(long arg0, int arg1)
|
final
void
|
wait(long arg0)
|
|
From interface
javax.servlet.ServletRequest
abstract
Object
|
getAttribute(String arg0)
|
abstract
Enumeration
|
getAttributeNames()
|
abstract
String
|
getCharacterEncoding()
|
abstract
int
|
getContentLength()
|
abstract
String
|
getContentType()
|
abstract
ServletInputStream
|
getInputStream()
|
abstract
String
|
getLocalAddr()
|
abstract
String
|
getLocalName()
|
abstract
int
|
getLocalPort()
|
abstract
Locale
|
getLocale()
|
abstract
Enumeration
|
getLocales()
|
abstract
String
|
getParameter(String arg0)
|
abstract
Map
|
getParameterMap()
|
abstract
Enumeration
|
getParameterNames()
|
abstract
String[]
|
getParameterValues(String arg0)
|
abstract
String
|
getProtocol()
|
abstract
BufferedReader
|
getReader()
|
abstract
String
|
getRealPath(String arg0)
|
abstract
String
|
getRemoteAddr()
|
abstract
String
|
getRemoteHost()
|
abstract
int
|
getRemotePort()
|
abstract
RequestDispatcher
|
getRequestDispatcher(String arg0)
|
abstract
String
|
getScheme()
|
abstract
String
|
getServerName()
|
abstract
int
|
getServerPort()
|
abstract
boolean
|
isSecure()
|
abstract
void
|
removeAttribute(String arg0)
|
abstract
void
|
setAttribute(String arg0, Object arg1)
|
abstract
void
|
setCharacterEncoding(String arg0)
|
|
From interface
javax.servlet.http.HttpServletRequest
abstract
String
|
getAuthType()
|
abstract
String
|
getContextPath()
|
abstract
Cookie[]
|
getCookies()
|
abstract
long
|
getDateHeader(String arg0)
|
abstract
String
|
getHeader(String arg0)
|
abstract
Enumeration
|
getHeaderNames()
|
abstract
Enumeration
|
getHeaders(String arg0)
|
abstract
int
|
getIntHeader(String arg0)
|
abstract
String
|
getMethod()
|
abstract
String
|
getPathInfo()
|
abstract
String
|
getPathTranslated()
|
abstract
String
|
getQueryString()
|
abstract
String
|
getRemoteUser()
|
abstract
String
|
getRequestURI()
|
abstract
StringBuffer
|
getRequestURL()
|
abstract
String
|
getRequestedSessionId()
|
abstract
String
|
getServletPath()
|
abstract
HttpSession
|
getSession(boolean arg0)
|
abstract
HttpSession
|
getSession()
|
abstract
Principal
|
getUserPrincipal()
|
abstract
boolean
|
isRequestedSessionIdFromCookie()
|
abstract
boolean
|
isRequestedSessionIdFromURL()
|
abstract
boolean
|
isRequestedSessionIdFromUrl()
|
abstract
boolean
|
isRequestedSessionIdValid()
|
abstract
boolean
|
isUserInRole(String arg0)
|
|
Public Constructors
public
SecurityContextHolderAwareRequestWrapper
(HttpServletRequest request, String rolePrefix)
Public Methods
public
String
getRemoteUser
()
Returns the principal's name, as obtained from the SecurityContextHolder
. Properly handles
both String
-based and UserDetails
-based principals.
Returns
- the username or
null
if unavailable
public
Principal
getUserPrincipal
()
Returns the Authentication
(which is a subclass of Principal
), or
null
if unavailable.
Returns
- the
Authentication
, or null
public
boolean
isUserInRole
(String role)
Simple searches for an exactly matching getAuthority()
.
Will always return false
if the SecurityContextHolder
contains an
Authentication
with null
principal
and/or GrantedAuthority[]
objects.
Parameters
role
| the GrantedAuthority String representation to check for |
Returns
true
if an exact (case sensitive) matching granted authority is located,
false
otherwise