Class RequestHeaderPreAuthenticationProcessingFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- org.opennms.web.springframework.security.RequestHeaderPreAuthenticationProcessingFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.ApplicationEventPublisherAware
,org.springframework.context.EnvironmentAware
,org.springframework.web.context.ServletContextAware
public class RequestHeaderPreAuthenticationProcessingFilter extends org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
RequestAttributePreAuthenticationProcessingFilter class. This filter should be used before the FORM_LOGIN_FILTER position in the filter chain.
If enabled, attempt to pre-authenticate as the user specified in the provided header.
Note that this can be easily spoofed if you expose the original OpenNMS instance rather than only allowing this through a proxy! Be sure your OpenNMS is proxied and that the proxy is performing authentication and ALWAYS setting this header.
-
-
Constructor Summary
Constructors Constructor Description RequestHeaderPreAuthenticationProcessingFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
afterPropertiesSet()
protected java.lang.Object
getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest request)
protected java.lang.Object
getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest request)
void
setCredentialsHeader(java.lang.String credentialsHeader)
The header to extract credentials from.void
setEnabled(boolean enabled)
Whether or not to enable this pre-auth filter.void
setFailOnError(boolean failOnError)
Whether to fail if the user is not found, or to fall through to other authentication mechanisms.void
setUserHeader(java.lang.String userHeader)
The header (eg, X-Remote-User) to extract the authenticated user from.-
Methods inherited from class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
doFilter, getAuthenticationDetailsSource, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationManager, setCheckForPrincipalChanges, setContinueFilterChainOnUnsuccessfulAuthentication, setInvalidateSessionOnPrincipalChange, successfulAuthentication, unsuccessfulAuthentication
-
-
-
-
Method Detail
-
afterPropertiesSet
public void afterPropertiesSet()
- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
- Overrides:
afterPropertiesSet
in classorg.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
getPreAuthenticatedPrincipal
protected java.lang.Object getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest request)
- Specified by:
getPreAuthenticatedPrincipal
in classorg.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
getPreAuthenticatedCredentials
protected java.lang.Object getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest request)
- Specified by:
getPreAuthenticatedCredentials
in classorg.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
setEnabled
public void setEnabled(boolean enabled)
Whether or not to enable this pre-auth filter.- Parameters:
enabled
-
-
setUserHeader
public void setUserHeader(java.lang.String userHeader)
The header (eg, X-Remote-User) to extract the authenticated user from.- Parameters:
userHeader
-
-
setCredentialsHeader
public void setCredentialsHeader(java.lang.String credentialsHeader)
The header to extract credentials from.- Parameters:
credentialsHeader
-
-
setFailOnError
public void setFailOnError(boolean failOnError)
Whether to fail if the user is not found, or to fall through to other authentication mechanisms.
-
-