Package org.springframework.security.web.access.intercept

Class AuthorizationFilter

  • All Implemented Interfaces:
    javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
    public class AuthorizationFilter
extends org.springframework.web.filter.OncePerRequestFilter
    An authorization filter that restricts access to the URL using AuthorizationManager.
    Since:
    5.5

    • Field Summary

      • Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

        ALREADY_FILTERED_SUFFIX

      • Fields inherited from class org.springframework.web.filter.GenericFilterBean

        logger

    • Constructor Summary

      Constructors 
      Constructor Description
      AuthorizationFilter​(org.springframework.security.authorization.AuthorizationManager<javax.servlet.http.HttpServletRequest> authorizationManager)
      Creates an instance.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void doFilterInternal​(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)  
      org.springframework.security.authorization.AuthorizationManager<javax.servlet.http.HttpServletRequest> getAuthorizationManager()
      Gets the AuthorizationManager used by this filter

      • Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

        doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

      • Methods inherited from class org.springframework.web.filter.GenericFilterBean

        addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • AuthorizationFilter

        public AuthorizationFilter​(org.springframework.security.authorization.AuthorizationManager<javax.servlet.http.HttpServletRequest> authorizationManager)
        Creates an instance.
        Parameters:
        authorizationManager - the AuthorizationManager to use

    • Method Detail

      • doFilterInternal

        protected void doFilterInternal​(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                java.io.IOException
        Specified by:
        doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
        Throws:
        javax.servlet.ServletException
        java.io.IOException

      • getAuthorizationManager

        public org.springframework.security.authorization.AuthorizationManager<javax.servlet.http.HttpServletRequest> getAuthorizationManager()
        Gets the AuthorizationManager used by this filter
        Returns:
        the AuthorizationManager