
org.acegisecurity.ui.basicauth.* (2)
org.acegisecurity.ui.cas.* (3)
org.acegisecurity.ui.digestauth.* (3)
org.acegisecurity.ui.rememberme.* (4)
org.acegisecurity.ui.session.* (4)
org.acegisecurity.ui.switchuser.* (2)
org.acegisecurity.ui.webapp.* (3)
org.acegisecurity.ui.x509.* (2)

org.acegisecurity.ui: Javadoc index of package org.acegisecurity.ui.


Package Samples:

org.acegisecurity.ui.x509: Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).  
org.acegisecurity.ui.basicauth: Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).  
org.acegisecurity.ui.webapp
org.acegisecurity.ui.switchuser
org.acegisecurity.ui.session
org.acegisecurity.ui.rememberme
org.acegisecurity.ui.digestauth
org.acegisecurity.ui.cas

Classes:

AbstractProcessingFilter: Abstract processor of browser-based HTTP-based authentication requests. This filter is responsible for processing authentication requests. If authentication is successful, the resulting org.acegisecurity.Authentication object will be placed into the SecurityContext, which is guaranteed to have already been created by an earlier filter. If authentication fails, the AuthenticationException will be placed into the HttpSession with the attribute defined by ACEGI_SECURITY_LAST_EXCEPTION_KEY. To use this filter, it is necessary to specify the following properties: defaultTargetUrl indicates the ...
TokenBasedRememberMeServices: Identifies previously remembered users by a Base-64 encoded cookie. This implementation does not rely on an external database, so is attractive for simple applications. The cookie will be valid for a specific period from the date of the last loginSuccess(HttpServletRequest, HttpServletResponse, Authentication). As per the interface contract, this method will only be called when the principal completes a successful interactive authentication. As such the time period commences from the last authentication attempt where they furnished credentials - not the time period they last logged in via remember-me. ...
BasicProcessingFilter: Processes a HTTP request's BASIC authorization headers, putting the result into the SecurityContextHolder. For a detailed background on what this filter is designed to process, refer to RFC 1945, Section 11.1. Any realm name presented in the HTTP request is ignored. In summary, this filter is responsible for processing any request that has a HTTP request header of Authorization with an authentication scheme of Basic and a Base64-encoded username:password token. For example, to authenticate user "Aladdin" with password "open sesame" the following header would be presented: Authorization: Basic ...
DigestProcessingFilter: Processes a HTTP request's Digest authorization headers, putting the result into the SecurityContextHolder. For a detailed background on what this filter is designed to process, refer to RFC 2617 (which superseded RFC 2069, although this filter supports clients that implement either RFC 2617 or RFC 2069). This filter can be used to provide Digest authentication services to both remoting protocol clients (such as Hessian and SOAP) as well as standard user agents (such as Internet Explorer and Firefox). This Digest implementation has been designed to avoid needing to store session state between invocations. ...
SwitchUserProcessingFilter: Switch User processing filter responsible for user context switching. This filter is similar to Unix 'su', but for Acegi-managed web applications. A common use-case for this feature is the ability to allow higher-authority users (i.e. ROLE_ADMIN) to switch to a regular user (i.e. ROLE_USER). This filter assumes that the user performing the switch will be required to be logged in as normal (i.e. ROLE_ADMIN user). The user will then access a page/controller that enables the administrator to specify who they wish to become (see switchUserUrl). Note: This URL will be required to have the appropriate ...
SiteminderAuthenticationProcessingFilter: Extends Acegi's AuthenticationProcessingFilter to pick up Netegrity Siteminder's headers. Also provides a backup form-based authentication and the ability to set source key names. Siteminder must present two headers to this filter, a username and password. You must set the header keys before this filter is used for authentication, otherwise Siteminder checks will be skipped. If the Siteminder check is unsuccessful (i.e. if the headers are not found), then the form parameters will be checked (see next paragraph). This allows applications to optionally function even when their Siteminder infrastructure ...
RememberMeProcessingFilter: Detects if there is no Authentication object in the SecurityContext, and populates it with a remember-me authentication token if a RememberMeServices implementation so requests. Concrete RememberMeServices implementations will have their RememberMeServices.autoLogin(HttpServletRequest, HttpServletResponse) method called by this filter. The Authentication or null returned by that method will be placed into the SecurityContext. If authentication is successful, an org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent will be published to the application context. No events ...
CasProcessingFilter: Processes a CAS service ticket. A service ticket consists of an opaque ticket string. It arrives at this filter by the user's browser successfully authenticating using CAS, and then receiving a HTTP redirect to a service. The opaque ticket string is presented in the ticket request parameter. This filter monitors the service URL so it can receive the service ticket and process it. The CAS server knows which service URL to use via the ServiceProperties.getService() method. Processing the service ticket involves creating a UsernamePasswordAuthenticationToken which uses CAS_STATEFUL_IDENTIFIER ...
X509ProcessingFilter: Processes the X.509 certificate submitted by a client browser when HTTPS is used with client-authentication enabled. An org.acegisecurity.providers.x509.X509AuthenticationToken is created with the certificate as the credentials. The configured authentication manager is expected to supply a provider which can handle this token (usually an instance of org.acegisecurity.providers.x509.X509AuthenticationProvider). If authentication is successful, an org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent will be published to the application context. No events will be published ...
RememberMeServices: Implemented by a class that is capable of providing a remember-me service. Acegi Security filters (namely org.acegisecurity.ui.AbstractProcessingFilter and RememberMeProcessingFilter) will call the methods provided by an implementation of this interface. Implementations may implement any type of remember-me capability they wish. Rolling cookies (as per http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice) can be used, as can simple implementations that don't require a persistent store. Implementations also determine the validity period of a remember-me cookie. This interface ...
AuthenticationProcessingFilterEntryPoint: Used by the SecurityEnforcementFilter to commence authentication via the AuthenticationProcessingFilter. This object holds the location of the login form, relative to the web app context path, and is used to commence a redirect to that form. By setting the forceHttps property to true, you may configure the class to force the protocol used for the login form to be HTTPS, even if the original intercepted request for a resource used the HTTP protocol. When this happens, after a successful login (via HTTPS), the original resource will still be accessed as HTTP, via the original request URL. For the ...
DigestProcessingFilterEntryPoint: Used by the SecurityEnforcementFilter to commence authentication via the DigestProcessingFilter. The nonce sent back to the user agent will be valid for the period indicated by setNonceValiditySeconds(int). By default this is 300 seconds. Shorter times should be used if replay attacks are a major concern. Larger values can be used if performance is a greater concern. This class correctly presents the stale=true header when the nonce has expired, so properly implemented user agents will automatically renegotiate with a new nonce value (ie without presenting a new password dialog box to the ...
AuthenticationProcessingFilter: Processes an authentication form. Login forms must present two parameters to this filter: a username and password. The parameter names to use are contained in the static fields ACEGI_SECURITY_FORM_USERNAME_KEY and ACEGI_SECURITY_FORM_PASSWORD_KEY. Do not use this class directly. Instead configure web.xml to use the org.acegisecurity.util.FilterToBeanProxy.
HttpSessionEventPublisher: Declared in web.xml as <listener> <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> </listener>. Publishes HttpSessionApplicationEvents to the Spring Root WebApplicationContext. Maps javax.servlet.http.HttpSessionListener.sessionCreated() to HttpSessionCreatedEvent. Maps javax.servlet.http.HttpSessionListener.sessionDestroyed() to HttpSessionDestroyedEvent.
CasProcessingFilterEntryPoint: Used by the SecurityEnforcementFilter to commence authentication via the Yale Central Authentication Service (CAS). The user's browser will be redirected to the Yale CAS enterprise-wide login page. This page is specified by the loginUrl property. Once login is complete, the CAS login page will redirect to the page indicated by the service property. The service is a HTTP URL belonging to the current application. The service URL is monitored by the CasProcessingFilter, which will validate the CAS login was successful.
BasicProcessingFilterEntryPoint: Used by the SecurityEnforcementFilter to commence authentication via the BasicProcessingFilter. Once a user agent is authenticated using BASIC authentication, logout requires that the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call the #commence(ServletRequest, ServletResponse) method below. This will indicate to the browser its credentials are no longer authorized, causing it to prompt the user to login again.
X509ProcessingFilterEntryPoint: In the X.509 authentication case (unlike CAS, for example) the certificate will already have been extracted from the request and a secure context established by the time the security-enforcement filter is invoked. Therefore this class isn't actually responsible for the commencement of authentication, as it is in the case of other providers. It will be called if the certificate was rejected by Acegi's X509AuthenticationProvider, resulting in a null authentication. The commence method will always return an HttpServletResponse.SC_FORBIDDEN (403 error).
SwitchUserGrantedAuthority: Custom GrantedAuthority used by SwitchUserProcessingFilter. Stores the Authentication object of the original user to be used later when 'exiting' from a user switch.
ServiceProperties: Stores properties related to this CAS service. Each web application capable of processing CAS tickets is known as a service. This class stores the properties that are relevant to the local CAS service, being the application that is being secured by the Acegi Security System for Spring.
NullRememberMeServices: Implementation of NullRememberMeServices that does nothing. Used as a default by several framework classes.
HttpSessionCreatedEvent: Published by the HttpSessionEventPublisher when a HttpSession is destroyed by the container
HttpSessionDestroyedEvent: Published by the HttpSessionEventPublisher when a HttpSession is created in the container
NonceExpiredException: Thrown if an authentication request is rejected because the digest nonce has expired.
WebAuthenticationDetails: A holder of selected HTTP details related to a web authentication request.
HttpSessionApplicationEvent: Parent class for published HttpSession events
