public class RequestHeaderPreAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
RequestAttributePreAuthenticationProcessingFilter class. This filter should be used before the FORM_LOGIN_FILTER position in the filter chain.
If enabled, attempt to pre-authenticate as the user specified in the provided header.
Note that this can be easily spoofed if you expose the original OpenNMS instance rather than only allowing this through a proxy! Be sure your OpenNMS is proxied and that the proxy is performing authentication and ALWAYS setting this header.
Constructor and Description |
---|
RequestHeaderPreAuthenticationProcessingFilter() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
protected Object |
getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest request) |
protected Object |
getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest request) |
void |
setCredentialsHeader(String credentialsHeader)
The header to extract credentials from.
|
void |
setEnabled(boolean enabled)
Whether or not to enable this pre-auth filter.
|
void |
setFailOnError(boolean failOnError)
Whether to fail if the user is not found, or to fall through to other authentication mechanisms.
|
void |
setUserHeader(String userHeader)
The header (eg, X-Remote-User) to extract the authenticated user from.
|
doFilter, getAuthenticationDetailsSource, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationManager, setCheckForPrincipalChanges, setContinueFilterChainOnUnsuccessfulAuthentication, setInvalidateSessionOnPrincipalChange, successfulAuthentication, unsuccessfulAuthentication
public RequestHeaderPreAuthenticationProcessingFilter()
public void afterPropertiesSet()
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
afterPropertiesSet
in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
protected Object getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest request)
getPreAuthenticatedPrincipal
in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
protected Object getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest request)
getPreAuthenticatedCredentials
in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
public void setEnabled(boolean enabled)
enabled
- public void setUserHeader(String userHeader)
userHeader
- public void setCredentialsHeader(String credentialsHeader)
credentialsHeader
- public void setFailOnError(boolean failOnError)
Copyright © 2020. All rights reserved.