|
spring-security-openid | |||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||
java.lang.Objectorg.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
org.springframework.security.openid.OpenIDAuthenticationFilter
public class OpenIDAuthenticationFilter
Filter which processes OpenID authentication requests.
The OpenID authentication involves two stages.
OpenIDAuthenticationProvider| Field Summary | |
|---|---|
static String |
DEFAULT_CLAIMED_IDENTITY_FIELD
|
| Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter |
|---|
authenticationDetailsSource, eventPublisher, messages, SPRING_SECURITY_LAST_EXCEPTION_KEY |
| Fields inherited from class org.springframework.web.filter.GenericFilterBean |
|---|
logger |
| Constructor Summary | |
|---|---|
OpenIDAuthenticationFilter()
|
|
| Method Summary | |
|---|---|
void |
afterPropertiesSet()
|
org.springframework.security.core.Authentication |
attemptAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authentication has two phases. |
protected String |
buildReturnToUrl(javax.servlet.http.HttpServletRequest request)
Builds the return_to URL that will be sent to the OpenID service provider. |
protected String |
lookupRealm(String returnToUrl)
|
protected String |
obtainUsername(javax.servlet.http.HttpServletRequest req)
Reads the claimedIdentityFieldName from the submitted request. |
void |
setClaimedIdentityFieldName(String claimedIdentityFieldName)
The name of the request parameter containing the OpenID identity, as submitted from the initial login form. |
void |
setConsumer(OpenIDConsumer consumer)
|
void |
setRealmMapping(Map<String,String> realmMapping)
Maps the return_to url to a realm, for example: |
void |
setReturnToUrlParameters(Set<String> returnToUrlParameters)
Specifies any extra parameters submitted along with the identity field which should be appended to the return_to URL which is assembled by buildReturnToUrl(javax.servlet.http.HttpServletRequest). |
| Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter |
|---|
doFilter, getAllowSessionCreation, getAuthenticationDetailsSource, getAuthenticationManager, getFilterProcessesUrl, getRememberMeServices, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication |
| Methods inherited from class org.springframework.web.filter.GenericFilterBean |
|---|
addRequiredProperty, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setServletContext |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final String DEFAULT_CLAIMED_IDENTITY_FIELD
| Constructor Detail |
|---|
public OpenIDAuthenticationFilter()
| Method Detail |
|---|
public void afterPropertiesSet()
afterPropertiesSet in interface InitializingBeanafterPropertiesSet in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws org.springframework.security.core.AuthenticationException,
IOException
attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilterorg.springframework.security.core.AuthenticationException
IOExceptionprotected String lookupRealm(String returnToUrl)
protected String buildReturnToUrl(javax.servlet.http.HttpServletRequest request)
request - the current request which is being processed by this filter
protected String obtainUsername(javax.servlet.http.HttpServletRequest req)
public void setRealmMapping(Map<String,String> realmMapping)
http://www.example.com/j_spring_openid_security_check -> http://www.example.com/realmIf no mapping is provided then the returnToUrl will be parsed to extract the protocol, hostname and port followed by a trailing slash. This means that http://www.example.com/j_spring_openid_security_check will automatically become http://www.example.com:80/
realmMapping - containing returnToUrl -> realm mappingspublic void setClaimedIdentityFieldName(String claimedIdentityFieldName)
claimedIdentityFieldName - defaults to "openid_identifier"public void setConsumer(OpenIDConsumer consumer)
public void setReturnToUrlParameters(Set<String> returnToUrlParameters)
return_to URL which is assembled by buildReturnToUrl(javax.servlet.http.HttpServletRequest).
returnToUrlParameters - the set of parameter names. If not set, it will default to the parameter name used by the
RememberMeServices obtained from the parent class (if one is set).
|
spring-security-openid | |||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||