Package org.springframework.security.web.authentication.preauth.j2ee
package org.springframework.security.web.authentication.preauth.j2ee
Pre-authentication support for container-authenticated requests.
It is assumed that standard JEE security has been configured and Spring Security hooks
into the security methods exposed by HttpServletRequest
to build
Authentication
object for the user.
-
ClassDescriptionImplementation of AuthenticationDetailsSource which converts the user's J2EE roles (as obtained by calling
HttpServletRequest.isUserInRole(String)
) intoGrantedAuthority
s and stores these in the authentication details object.This AbstractPreAuthenticatedProcessingFilter implementation is based on the J2EE container-based authentication mechanism.This MappableAttributesRetriever implementation reads the list of defined J2EE roles from a web.xml file and returns these from {WebXmlMappableAttributesRetriever.getMappableAttributes()
.