org.acegisecurity.util
Class FilterChainProxy

java.lang.Object
  extended by org.acegisecurity.util.FilterChainProxy
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationContextAware

public class FilterChainProxy
extends Object
implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationContextAware

Delegates Filter requests to a list of Spring-managed beans.

The FilterChainProxy is loaded via a standard FilterToBeanProxy declaration in web.xml. FilterChainProxy will then pass init(FilterConfig), destroy() and doFilter(ServletRequest, ServletResponse, FilterChain) invocations through to each Filter defined against FilterChainProxy.

FilterChainProxy is configured using a standard FilterInvocationDefinitionSource. Each possible URI pattern that FilterChainProxy should service must be entered. The first matching URI pattern located by FilterInvocationDefinitionSource for a given request will be used to define all of the Filters that apply to that request. NB: This means you must put most specific URI patterns at the top of the list, and ensure all Filters that should apply for a given URI pattern are entered against the respective entry. The FilterChainProxy will not iterate the remainder of the URI patterns to locate additional Filters. The FilterInvocationDefinitionSource described the applicable URI pattern to fire the filter chain, followed by a list of configuration attributes. Each configuration attribute's ConfigAttribute.getAttribute() corresponds to a bean name that is available from the application context.

FilterChainProxy respects normal handling of Filters that elect not to call Filter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain), in that the remainder of the origial or FilterChainProxy-declared filter chain will not be called.

It is particularly noted the Filter lifecycle mismatch between the servlet container and IoC container. As per FilterToBeanProxy JavaDocs, we recommend you allow the IoC container to manage lifecycle instead of the servlet container. By default the FilterToBeanProxy will never call this class' init(FilterConfig) and destroy() methods, meaning each of the filters defined against FilterInvocationDefinitionSource will not be called. If you do need your filters to be initialized and destroyed, please set the lifecycle initialization parameter against the FilterToBeanProxy to specify servlet container lifecycle management.

If a filter name of TOKEN_NONE is used, this allows specification of a filter pattern which should never cause any filters to fire.

Version:
$Id: FilterChainProxy.java 1864 2007-05-25 02:03:12Z benalex $
Author:
Carlos Sanchez, Ben Alex

Field Summary
static String TOKEN_NONE
           
 
Constructor Summary
FilterChainProxy()
           
 
Method Summary
 void afterPropertiesSet()
           
 void destroy()
           
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
           
 FilterInvocationDefinitionSource getFilterInvocationDefinitionSource()
           
 void init(javax.servlet.FilterConfig filterConfig)
           
protected  javax.servlet.Filter[] obtainAllDefinedFilters()
          Obtains all of the uniqueFilter instances registered against the FilterInvocationDefinitionSource.
 void setApplicationContext(org.springframework.context.ApplicationContext applicationContext)
           
 void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource filterInvocationDefinitionSource)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

TOKEN_NONE

public static final String TOKEN_NONE
See Also:
Constant Field Values
Constructor Detail

FilterChainProxy

public FilterChainProxy()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
Exception

destroy

public void destroy()
Specified by:
destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
Specified by:
doFilter in interface javax.servlet.Filter
Throws:
IOException
javax.servlet.ServletException

getFilterInvocationDefinitionSource

public FilterInvocationDefinitionSource getFilterInvocationDefinitionSource()

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
Specified by:
init in interface javax.servlet.Filter
Throws:
javax.servlet.ServletException

obtainAllDefinedFilters

protected javax.servlet.Filter[] obtainAllDefinedFilters()
Obtains all of the uniqueFilter instances registered against the FilterInvocationDefinitionSource.

This is useful in ensuring a Filter is not initialized or destroyed twice.

Returns:
all of the Filter instances in the application context for which there has been an entry against the FilterInvocationDefinitionSource (only one entry is included in the array for each Filter that actually exists in application context, even if a given Filter is defined multiples times by the FilterInvocationDefinitionSource)

setApplicationContext

public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext)
                           throws org.springframework.beans.BeansException
Specified by:
setApplicationContext in interface org.springframework.context.ApplicationContextAware
Throws:
org.springframework.beans.BeansException

setFilterInvocationDefinitionSource

public void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource filterInvocationDefinitionSource)


Copyright © 2004-2012 Interface21, Inc. All Rights Reserved.