| java.lang.Object |
| ↳ |
javax.servlet.ServletRequestWrapper |
| |
↳ |
javax.servlet.http.HttpServletRequestWrapper |
| |
|
↳ |
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper |
Class Overview
A Spring Security-aware HttpServletRequestWrapper, which uses the
SecurityContext-defined Authentication object to implement the servlet API security
methods isUserInRole(String) and getRemoteUser().
Summary
|
[Expand]
Inherited Constants |
|---|
 From interface
javax.servlet.http.HttpServletRequest
|
|
[Expand]
Inherited Methods |
|---|
From class
javax.servlet.http.HttpServletRequestWrapper
|
String
|
getAuthType()
|
|
String
|
getContextPath()
|
|
Cookie[]
|
getCookies()
|
|
long
|
getDateHeader(String arg0)
|
|
String
|
getHeader(String arg0)
|
|
Enumeration
|
getHeaderNames()
|
|
Enumeration
|
getHeaders(String arg0)
|
|
int
|
getIntHeader(String arg0)
|
|
String
|
getMethod()
|
|
String
|
getPathInfo()
|
|
String
|
getPathTranslated()
|
|
String
|
getQueryString()
|
|
String
|
getRemoteUser()
|
|
String
|
getRequestURI()
|
|
StringBuffer
|
getRequestURL()
|
|
String
|
getRequestedSessionId()
|
|
String
|
getServletPath()
|
|
HttpSession
|
getSession(boolean arg0)
|
|
HttpSession
|
getSession()
|
|
Principal
|
getUserPrincipal()
|
|
boolean
|
isRequestedSessionIdFromCookie()
|
|
boolean
|
isRequestedSessionIdFromURL()
|
|
boolean
|
isRequestedSessionIdFromUrl()
|
|
boolean
|
isRequestedSessionIdValid()
|
|
boolean
|
isUserInRole(String arg0)
|
|
|
From class
javax.servlet.ServletRequestWrapper
|
From class
java.lang.Object
|
Object
|
clone()
|
|
boolean
|
equals(Object arg0)
|
|
void
|
finalize()
|
|
final
Class<?>
|
getClass()
|
|
int
|
hashCode()
|
|
final
void
|
notify()
|
|
final
void
|
notifyAll()
|
|
String
|
toString()
|
|
final
void
|
wait()
|
|
final
void
|
wait(long arg0, int arg1)
|
|
final
void
|
wait(long arg0)
|
|
From interface
javax.servlet.ServletRequest
|
abstract
Object
|
getAttribute(String arg0)
|
|
abstract
Enumeration
|
getAttributeNames()
|
|
abstract
String
|
getCharacterEncoding()
|
|
abstract
int
|
getContentLength()
|
|
abstract
String
|
getContentType()
|
|
abstract
ServletInputStream
|
getInputStream()
|
|
abstract
String
|
getLocalAddr()
|
|
abstract
String
|
getLocalName()
|
|
abstract
int
|
getLocalPort()
|
|
abstract
Locale
|
getLocale()
|
|
abstract
Enumeration
|
getLocales()
|
|
abstract
String
|
getParameter(String arg0)
|
|
abstract
Map
|
getParameterMap()
|
|
abstract
Enumeration
|
getParameterNames()
|
|
abstract
String[]
|
getParameterValues(String arg0)
|
|
abstract
String
|
getProtocol()
|
|
abstract
BufferedReader
|
getReader()
|
|
abstract
String
|
getRealPath(String arg0)
|
|
abstract
String
|
getRemoteAddr()
|
|
abstract
String
|
getRemoteHost()
|
|
abstract
int
|
getRemotePort()
|
|
abstract
RequestDispatcher
|
getRequestDispatcher(String arg0)
|
|
abstract
String
|
getScheme()
|
|
abstract
String
|
getServerName()
|
|
abstract
int
|
getServerPort()
|
|
abstract
boolean
|
isSecure()
|
|
abstract
void
|
removeAttribute(String arg0)
|
|
abstract
void
|
setAttribute(String arg0, Object arg1)
|
|
abstract
void
|
setCharacterEncoding(String arg0)
|
|
From interface
javax.servlet.http.HttpServletRequest
|
abstract
String
|
getAuthType()
|
|
abstract
String
|
getContextPath()
|
|
abstract
Cookie[]
|
getCookies()
|
|
abstract
long
|
getDateHeader(String arg0)
|
|
abstract
String
|
getHeader(String arg0)
|
|
abstract
Enumeration
|
getHeaderNames()
|
|
abstract
Enumeration
|
getHeaders(String arg0)
|
|
abstract
int
|
getIntHeader(String arg0)
|
|
abstract
String
|
getMethod()
|
|
abstract
String
|
getPathInfo()
|
|
abstract
String
|
getPathTranslated()
|
|
abstract
String
|
getQueryString()
|
|
abstract
String
|
getRemoteUser()
|
|
abstract
String
|
getRequestURI()
|
|
abstract
StringBuffer
|
getRequestURL()
|
|
abstract
String
|
getRequestedSessionId()
|
|
abstract
String
|
getServletPath()
|
|
abstract
HttpSession
|
getSession(boolean arg0)
|
|
abstract
HttpSession
|
getSession()
|
|
abstract
Principal
|
getUserPrincipal()
|
|
abstract
boolean
|
isRequestedSessionIdFromCookie()
|
|
abstract
boolean
|
isRequestedSessionIdFromURL()
|
|
abstract
boolean
|
isRequestedSessionIdFromUrl()
|
|
abstract
boolean
|
isRequestedSessionIdValid()
|
|
abstract
boolean
|
isUserInRole(String arg0)
|
|
Public Constructors
public
SecurityContextHolderAwareRequestWrapper
(HttpServletRequest request, String rolePrefix)
Public Methods
public
String
getRemoteUser
()
Returns the principal's name, as obtained from the SecurityContextHolder. Properly handles
both String-based and UserDetails-based principals.
Returns
- the username or
null if unavailable
public
Principal
getUserPrincipal
()
Returns the Authentication (which is a subclass of Principal), or
null if unavailable.
Returns
- the
Authentication, or null
public
boolean
isUserInRole
(String role)
Simple searches for an exactly matching getAuthority().
Will always return false if the SecurityContextHolder contains an
Authentication with nullprincipal and/or GrantedAuthority[]
objects.
Parameters
| role
| the GrantedAuthorityString representation to check for |
Returns
true if an exact (case sensitive) matching granted authority is located,
false otherwise