Security filter base class.

2007-10-20 23:10:53 +00:00 · 2007-10-20 23:10:53 +00:00 · 7afa99a21a
parent a6a372a5ab
commit 7afa99a21a
1 changed files with 54 additions and 0 deletions
--- a/core/src/main/java/org/springframework/security/ui/SpringSecurityFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/SpringSecurityFilter.java
@ -0,0 +1,54 @@
+package org.springframework.security.ui;
+
+import org.springframework.core.Ordered;
+
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.ServletException;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletResponse;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletRequest;
+import javax.servlet.Filter;
+import java.io.IOException;
+
+/**
+ * Implements Ordered interface as required by security namespace configuration and implements unused filter
+ * lifecycle methods and performs casting of request and response to http versions in doFilter method.
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public abstract class SpringSecurityFilter implements Filter, Ordered {
+
+    /**
+     * Does nothing. We use IoC container lifecycle services instead.
+     *
+     * @param filterConfig ignored
+     * @throws ServletException ignored
+     */
+    public void init(FilterConfig filterConfig) throws ServletException {
+    }
+
+    /**
+     * Does nothing. We use IoC container lifecycle services instead.
+     */
+    public void destroy() {
+    }
+
+    public final void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        // Do we really need the checks on the types in practice ?
+        if (!(request instanceof HttpServletRequest)) {
+            throw new ServletException("Can only process HttpServletRequest");
+        }
+
+        if (!(response instanceof HttpServletResponse)) {
+            throw new ServletException("Can only process HttpServletResponse");
+        }
+
+        doFilterHttp((HttpServletRequest)request, (HttpServletResponse)response, chain);
+    }
+
+    protected abstract void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException;
+}