Package org.dspace.app.rest.security

Class StatelessAuthenticationFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

org.springframework.security.web.authentication.www.BasicAuthenticationFilter

org.dspace.app.rest.security.StatelessAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class StatelessAuthenticationFilter
extends org.springframework.security.web.authentication.www.BasicAuthenticationFilter

Custom Spring authentication filter for Stateless authentication, intercepts requests to check for valid authentication. This runs before *every* request in the DSpace backend to see if any authentication data is passed in that request. If so, it authenticates the EPerson in the current Context.

Author:

Frederic Van Reet (frederic dot vanreet at atmire dot com), Tom Desair (tom dot desair at atmire dot com)

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor	Description
StatelessAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, RestAuthenticationService restAuthenticationService, EPersonRestAuthenticationProvider authenticationProvider, RequestService requestService)

Method Summary

Modifier and Type	Method	Description
protected void	doFilterInternal(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, javax.servlet.FilterChain chain)

Methods inherited from class org.springframework.security.web.authentication.www.BasicAuthenticationFilter

afterPropertiesSet, getAuthenticationEntryPoint, getAuthenticationManager, getCredentialsCharset, isIgnoreFailure, onSuccessfulAuthentication, onUnsuccessfulAuthentication, setAuthenticationDetailsSource, setCredentialsCharset, setRememberMeServices, setSecurityContextRepository

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

StatelessAuthenticationFilter

public StatelessAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager,
 RestAuthenticationService restAuthenticationService,
 EPersonRestAuthenticationProvider authenticationProvider,
 RequestService requestService)

Method Details

doFilterInternal

protected void doFilterInternal(javax.servlet.http.HttpServletRequest req,
 javax.servlet.http.HttpServletResponse res,
 javax.servlet.FilterChain chain)
                         throws IOException,
javax.servlet.ServletException

Overrides:

doFilterInternal in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter

Throws:

IOException

javax.servlet.ServletException