public class RememberMeProcessingFilter extends SpringSecurityFilter implements org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware
Authentication
object in the SecurityContext
, and populates it
with a remember-me authentication token if a RememberMeServices
implementation so requests.Concrete RememberMeServices
implementations will have their RememberMeServices.autoLogin(HttpServletRequest, HttpServletResponse)
method
called by this filter. The Authentication
or null
returned by that method will be placed
into the SecurityContext
. The AuthenticationManager
will be used, so that any concurrent
session management or other authentication-specific behaviour can be achieved. This is the same pattern as with
other authentication mechanisms, which call the AuthenticationManager
as part of their contract.
If authentication is successful, an InteractiveAuthenticationSuccessEvent
will be published to the application
context. No events will be published if authentication was unsuccessful, because this would generally be recorded
via an AuthenticationManager
-specific application event.
logger
Constructor and Description |
---|
RememberMeProcessingFilter() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
void |
doFilterHttp(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain) |
int |
getOrder() |
RememberMeServices |
getRememberMeServices() |
protected void |
onSuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Authentication authResult)
Called if a remember-me token is presented and successfully authenticated by the RememberMeServices
autoLogin method and the AuthenticationManager.
|
protected void |
onUnsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
AuthenticationException failed)
Called if the AuthenticationManager rejects the authentication object returned from the
RememberMeServices autoLogin method.
|
void |
setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher) |
void |
setAuthenticationManager(AuthenticationManager authenticationManager) |
void |
setRememberMeServices(RememberMeServices rememberMeServices) |
destroy, doFilter, init, toString
public void afterPropertiesSet() throws java.lang.Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
java.lang.Exception
public void doFilterHttp(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
doFilterHttp
in class SpringSecurityFilter
java.io.IOException
javax.servlet.ServletException
protected void onSuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authResult)
protected void onUnsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationException failed)
public RememberMeServices getRememberMeServices()
public void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)
setApplicationEventPublisher
in interface org.springframework.context.ApplicationEventPublisherAware
public void setAuthenticationManager(AuthenticationManager authenticationManager)
public void setRememberMeServices(RememberMeServices rememberMeServices)
public int getOrder()
getOrder
in interface org.springframework.core.Ordered