com.centit.framework.security

类 DaoFilterSecurityInterceptor

java.lang.Object

org.springframework.security.access.intercept.AbstractSecurityInterceptor

com.centit.framework.security.DaoFilterSecurityInterceptor

所有已实现的接口:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.MessageSourceAware

public class DaoFilterSecurityInterceptor
extends org.springframework.security.access.intercept.AbstractSecurityInterceptor
implements javax.servlet.Filter

权限过滤器

字段概要

从类继承的字段 org.springframework.security.access.intercept.AbstractSecurityInterceptor

logger, messages

构造器概要

构造器

构造器和说明
DaoFilterSecurityInterceptor()

方法概要

限定符和类型	方法和说明
void	destroy() Not used (we rely on IoC container lifecycle services instead)
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) Method that is actually called by the filter chain.
Class<?>	getSecureObjectClass()
org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource	getSecurityMetadataSource()
void	init(javax.servlet.FilterConfig arg0) Not used (we rely on IoC container lifecycle services instead)
void	invoke(org.springframework.security.web.FilterInvocation fi)
boolean	isObserveOncePerRequest() Indicates whether once-per-request handling will be observed.
org.springframework.security.access.SecurityMetadataSource	obtainSecurityMetadataSource()
void	setObserveOncePerRequest(boolean observeOncePerRequest)
void	setSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource newSource)

从类继承的方法 org.springframework.security.access.intercept.AbstractSecurityInterceptor

afterInvocation, afterPropertiesSet, beforeInvocation, finallyInvocation, getAccessDecisionManager, getAfterInvocationManager, getAuthenticationManager, getRunAsManager, isAlwaysReauthenticate, isRejectPublicInvocations, isValidateConfigAttributes, setAccessDecisionManager, setAfterInvocationManager, setAlwaysReauthenticate, setApplicationEventPublisher, setAuthenticationManager, setMessageSource, setPublishAuthorizationSuccess, setRejectPublicInvocations, setRunAsManager, setValidateConfigAttributes

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

构造器详细资料

DaoFilterSecurityInterceptor

public DaoFilterSecurityInterceptor()

方法详细资料

init

public void init(javax.servlet.FilterConfig arg0)
          throws javax.servlet.ServletException

Not used (we rely on IoC container lifecycle services instead)

指定者:

init 在接口中 javax.servlet.Filter

参数:

arg0 - ignored

抛出:

javax.servlet.ServletException - never thrown

destroy

public void destroy()

Not used (we rely on IoC container lifecycle services instead)

指定者:

destroy 在接口中 javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Method that is actually called by the filter chain. Simply delegates to the invoke(FilterInvocation) method.

指定者:

doFilter 在接口中 javax.servlet.Filter

参数:

request - the servlet request

response - the servlet response

chain - the filter chain

抛出:

IOException - if the filter chain fails

javax.servlet.ServletException - if the filter chain fails

getSecurityMetadataSource

public org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource getSecurityMetadataSource()

obtainSecurityMetadataSource

public org.springframework.security.access.SecurityMetadataSource obtainSecurityMetadataSource()

指定者:

obtainSecurityMetadataSource 在类中 org.springframework.security.access.intercept.AbstractSecurityInterceptor

setSecurityMetadataSource

public void setSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource newSource)

getSecureObjectClass

public Class<?> getSecureObjectClass()

指定者:

getSecureObjectClass 在类中 org.springframework.security.access.intercept.AbstractSecurityInterceptor

invoke

public void invoke(org.springframework.security.web.FilterInvocation fi)
            throws IOException,
                   javax.servlet.ServletException

抛出:

IOException

javax.servlet.ServletException

isObserveOncePerRequest

public boolean isObserveOncePerRequest()

Indicates whether once-per-request handling will be observed. By default this is true, meaning the FilterSecurityInterceptor will only execute once-per-request. Sometimes users may wish it to execute more than once per request, such as when JSP forwards are being used and filter security is desired on each included fragment of the HTTP request.

返回:

true (the default) if once-per-request is honoured, otherwise false if FilterSecurityInterceptor will enforce authorizations for each and every fragment of the HTTP request.

setObserveOncePerRequest

public void setObserveOncePerRequest(boolean observeOncePerRequest)