Class SecureChannelProcessor
java.lang.Object
org.springframework.security.web.access.channel.SecureChannelProcessor
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean
,ChannelProcessor
public class SecureChannelProcessor
extends Object
implements org.springframework.beans.factory.InitializingBean, ChannelProcessor
Ensures channel security is active by review of
HttpServletRequest.isSecure()
responses.
The class responds to one case-sensitive keyword, getSecureKeyword()
. If this
keyword is detected, HttpServletRequest.isSecure()
is used to determine
the channel security offered. If channel security is not present, the configured
ChannelEntryPoint
is called. By default the entry point is
RetryWithHttpsEntryPoint
.
The default secureKeyword
is REQUIRES_SECURE_CHANNEL
.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
void
decide
(FilterInvocation invocation, Collection<ConfigAttribute> config) Decided whether the presentedFilterInvocation
provides the appropriate level of channel security based on the requested list of ConfigAttributes.void
setEntryPoint
(ChannelEntryPoint entryPoint) void
setSecureKeyword
(String secureKeyword) boolean
supports
(ConfigAttribute attribute) Indicates whether thisChannelProcessor
is able to process the passedConfigAttribute
.
-
Constructor Details
-
SecureChannelProcessor
public SecureChannelProcessor()
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
decide
public void decide(FilterInvocation invocation, Collection<ConfigAttribute> config) throws IOException, jakarta.servlet.ServletException Description copied from interface:ChannelProcessor
Decided whether the presentedFilterInvocation
provides the appropriate level of channel security based on the requested list of ConfigAttributes.- Specified by:
decide
in interfaceChannelProcessor
- Throws:
IOException
jakarta.servlet.ServletException
-
getEntryPoint
-
getSecureKeyword
-
setEntryPoint
-
setSecureKeyword
-
supports
Description copied from interface:ChannelProcessor
Indicates whether thisChannelProcessor
is able to process the passedConfigAttribute
.This allows the
ChannelProcessingFilter
to check every configuration attribute can be consumed by the configuredChannelDecisionManager
.- Specified by:
supports
in interfaceChannelProcessor
- Parameters:
attribute
- a configuration attribute that has been configured against the ChannelProcessingFilter.- Returns:
- true if this
ChannelProcessor
can support the passed configuration attribute
-