CrowdSSOAuthenticationProcessingFilter (Atlassian Crowd Spring Security Integration 1000.82.0 API)

java.lang.Object
- org.springframework.web.filter.GenericFilterBean
- - org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
  - - org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
    - - com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.web.context.ServletContextAware
```
public class CrowdSSOAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
```
The CrowdSSOAuthenticationProcessingFilter is to be used in conjunction with the CrowdAuthenticationProvider to provide SSO authentication. If single sign-on is not required, centralised authentication can still be achieved by using the default AuthenticationProcessingFilter in conjunction with the CrowdAuthenticationProvider.

Author:

Shihab Hamid

Field Summary
- Fields inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
  SPRING_SECURITY_FORM_PASSWORD_KEY, SPRING_SECURITY_FORM_USERNAME_KEY, SPRING_SECURITY_LAST_USERNAME_KEY
- Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
  authenticationDetailsSource, eventPublisher, messages, SPRING_SECURITY_LAST_EXCEPTION_KEY

Constructor Summary

Constructors
Constructor and Description

CrowdSSOAuthenticationProcessingFilter()

Constructors
Constructor and Description
`CrowdSSOAuthenticationProcessingFilter()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`doSetDetails(javax.servlet.http.HttpServletRequest request, org.springframework.security.authentication.AbstractAuthenticationToken authRequest)`
`protected boolean`	`requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` This filter will process all requests, however, if the filterProcessesUrl is part of the request URI, the filter will assume the request is a username/password authentication (login) request and will not check for Crowd SSO authentication.
`protected void`	`setDetails(javax.servlet.http.HttpServletRequest request, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authRequest)` Provided so that subclasses may configure what is put into the authentication request's details property.
`void`	`setHttpAuthenticator(HttpAuthenticator httpAuthenticator)` Mandatory dependency.
`void`	`setLoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint filterEntryPoint)` Optional dependency, only required if multiple Crowd applications are coexisting in the same web-application.
`void`	`setRequestToApplicationMapper(RequestToApplicationMapper requestToApplicationMapper)` Optional dependency.
`protected void`	`successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authResult)` Attempts to write out the successful SSO token to a cookie, if an SSO token was generated and stored via the AuthenticationProvider.
`protected void`	`unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed)` Attempts to remove any SSO tokens associated with the request, effectively logging the user out of Crowd.

Methods inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
attemptAuthentication, getPasswordParameter, getUsernameParameter, obtainPassword, obtainUsername, setPasswordParameter, setPostOnly, setUsernameParameter

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getFilterProcessesUrl, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication

Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CrowdSSOAuthenticationProcessingFilter
```
public CrowdSSOAuthenticationProcessingFilter()
```
- Method Detail
  - requiresAuthentication
```
protected boolean requiresAuthentication(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response)
```
    This filter will process all requests, however, if the filterProcessesUrl is part of the request URI, the filter will assume the request is a username/password authentication (login) request and will not check for Crowd SSO authentication. Authentication will proceed as defined in the AuthenticationProcessingFilter. Otherwise, an authentication request to Crowd will be made to verify any existing Crowd SSO token (via the ProviderManager).
    
    Overrides:
    
    requiresAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    
    Parameters:
    
    request - servlet request containing either username/password paramaters or the Crowd token as a cookie.
    
    response - servlet response to write out cookie.
    
    Returns:
    
    true only if the filterProcessesUrl is in the request URI.
  - setDetails
```
protected void setDetails(javax.servlet.http.HttpServletRequest request,
                          org.springframework.security.authentication.UsernamePasswordAuthenticationToken authRequest)
```
    Provided so that subclasses may configure what is put into the authentication request's details property. Sets the validation factors from the HttpServletRequest on the authentication request. Also sets the application name to the name of application responsible for authorising a particular request. For single-crowd-application-per-spring-security-context web apps, this will just return the application name specified in the ClientProperties. For multi-crowd-applications-per-spring-security-context web apps, the requestToApplicationMapper will be used to determine the application name.
    
    Overrides:
    
    setDetails in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
    
    Parameters:
    
    request - that an authentication request is being created for
    
    authRequest - the authentication request object that should have its details set
  - doSetDetails
```
protected void doSetDetails(javax.servlet.http.HttpServletRequest request,
                            org.springframework.security.authentication.AbstractAuthenticationToken authRequest)
```
  - successfulAuthentication
```
protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        org.springframework.security.core.Authentication authResult)
                                 throws IOException,
                                        javax.servlet.ServletException
```
    Attempts to write out the successful SSO token to a cookie, if an SSO token was generated and stored via the AuthenticationProvider. This effectively establishes SSO when using the CrowdAuthenticationProvider in conjunction with this filter.
    
    Overrides:
    
    successfulAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    
    Parameters:
    
    request - servlet request.
    
    response - servlet response.
    
    authResult - result of a successful authentication. If it is a CrowdSSOAuthenticationToken then the SSO token will be set to the "credentials" property.
    
    Throws:
    
    IOException - not thrown.
    
    javax.servlet.ServletException
  - unsuccessfulAuthentication
```
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          org.springframework.security.core.AuthenticationException failed)
                                   throws IOException,
                                          javax.servlet.ServletException
```
    Attempts to remove any SSO tokens associated with the request, effectively logging the user out of Crowd.
    
    Overrides:
    
    unsuccessfulAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    
    Parameters:
    
    request - servlet request.
    
    response - servlet response.
    
    failed - not required.
    
    Throws:
    
    IOException - not thrown.
    
    javax.servlet.ServletException
  - setHttpAuthenticator
```
public void setHttpAuthenticator(HttpAuthenticator httpAuthenticator)
```
    Mandatory dependency.
    
    Parameters:
    
    httpAuthenticator - used to extract validation factors, set cookies and perform logouts.
  - setRequestToApplicationMapper
```
public void setRequestToApplicationMapper(RequestToApplicationMapper requestToApplicationMapper)
```
    Optional dependency.
    
    Parameters:
    
    requestToApplicationMapper - only required if multiple Crowd "applications" need to be accessed via the same Spring Security context, eg. when one web-application corresponds to multiple Crowd "applications".
  - setLoginUrlAuthenticationEntryPoint
```
public void setLoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint filterEntryPoint)
```
    Optional dependency, only required if multiple Crowd applications are coexisting in the same web-application. Used to discover the login page, through and treat it specially.

Class CrowdSSOAuthenticationProcessingFilter

Field Summary

Fields inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Methods inherited from class org.springframework.web.filter.GenericFilterBean

Methods inherited from class java.lang.Object

Constructor Detail

CrowdSSOAuthenticationProcessingFilter

Method Detail

requiresAuthentication

setDetails

doSetDetails

successfulAuthentication

unsuccessfulAuthentication

setHttpAuthenticator

setRequestToApplicationMapper

setLoginUrlAuthenticationEntryPoint