Renamed form and openID filters to shorten names
This commit is contained in:
Luke Taylor
parent
1042305cfe
commit
949759c31a
|
|
@ -171,8 +171,8 @@
|
|||
</section>
|
||||
<section xml:id="nsa-form-login">
|
||||
<title>The <literal><form-login></literal> Element</title>
|
||||
<para> Used to add an <classname>UsernamePasswordAuthenticationProcessingFilter</classname> to
|
||||
the filter stack and an <classname>LoginUrlAuthenticationEntryPoint</classname> to the
|
||||
<para> Used to add an <classname>UsernamePasswordAuthenticationFilter</classname> to the
|
||||
filter stack and an <classname>LoginUrlAuthenticationEntryPoint</classname> to the
|
||||
application context to provide authentication on demand. This will always take precedence
|
||||
over other namespace-created entry points. If no attributes are supplied, a login page will
|
||||
be generated automatically at the URL "/spring-security-login" <footnote><para>This feature
|
||||
|
|
@ -192,32 +192,32 @@
|
|||
<section>
|
||||
<title><literal>login-processing-url</literal></title>
|
||||
<para> Maps to the <literal>filterProcessesUrl</literal> property of
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>. The default value
|
||||
is "/j_spring_security_check". </para>
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>. The default value is
|
||||
"/j_spring_security_check". </para>
|
||||
</section>
|
||||
<section>
|
||||
<title><literal>default-target-url</literal></title>
|
||||
<para>Maps to the <literal>defaultTargetUrl</literal> property of
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>. If not set, the
|
||||
default value is "/" (the application root). A user will be taken to this URL after
|
||||
logging in, provided they were not asked to login while attempting to access a secured
|
||||
resource, when they will be taken to the originally requested URL. </para>
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>. If not set, the default
|
||||
value is "/" (the application root). A user will be taken to this URL after logging in,
|
||||
provided they were not asked to login while attempting to access a secured resource, when
|
||||
they will be taken to the originally requested URL. </para>
|
||||
</section>
|
||||
<section>
|
||||
<title><literal>always-use-default-target</literal></title>
|
||||
<para> If set to "true", the user will always start at the value given by
|
||||
<literal>default-target-url</literal>, regardless of how they arrived at the login page.
|
||||
Maps to the <literal>alwaysUseDefaultTargetUrl</literal> property of
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>. Default value is
|
||||
"false". </para>
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>. Default value is "false".
|
||||
</para>
|
||||
</section>
|
||||
<section>
|
||||
<title><literal>authentication-failure-url</literal></title>
|
||||
<para> Maps to the <literal>authenticationFailureUrl</literal> property of
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>. Defines the URL
|
||||
the browser will be redirected to on login failure. Defaults to
|
||||
"/spring_security_login?login_error", which will be automatically handled by the automatic
|
||||
login page generator, re-rendering the login page with an error message. </para>
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>. Defines the URL the browser
|
||||
will be redirected to on login failure. Defaults to "/spring_security_login?login_error",
|
||||
which will be automatically handled by the automatic login page generator, re-rendering
|
||||
the login page with an error message. </para>
|
||||
</section>
|
||||
<section>
|
||||
<title><literal>authentication-success-handler-ref</literal></title>
|
||||
|
|
@ -384,8 +384,7 @@
|
|||
<title>The <literal><openid-login></literal> Element</title>
|
||||
<para> Similar to <literal><form-login></literal> and has the same attributes. The
|
||||
default value for <literal>login-processing-url</literal> is
|
||||
"/j_spring_openid_security_check". An
|
||||
<classname>OpenIDUsernamePasswordAuthenticationProcessingFilter</classname> and
|
||||
"/j_spring_openid_security_check". An <classname>OpenIDAuthenticationFilter</classname> and
|
||||
<classname>OpenIDAuthenticationProvider</classname> will be registered. The latter
|
||||
requires a reference to a <interfacename>UserDetailsService</interfacename>. Again, this can
|
||||
be specified by Id, using the <literal>user-service-ref</literal> attribute, or will be
|
||||
|
|
|
|||
|
|
@ -319,7 +319,7 @@
|
|||
</para>
|
||||
|
||||
<para>The <literal>CasProcessingFilter</literal> has very similar
|
||||
properties to the <literal>UsernamePasswordAuthenticationProcessingFilter</literal>
|
||||
properties to the <literal>UsernamePasswordAuthenticationFilter</literal>
|
||||
(used for form-based logins). Each property is
|
||||
self-explanatory. Note that we've also used the namespace syntax
|
||||
for setting up an alias to the authentication mnager, since the
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@
|
|||
</http>
|
||||
|
||||
<beans:bean id="myAuthFilter"
|
||||
class="org.springframework.security.web.authentcation.UsernamePasswordAuthenticationProcessingFilter">
|
||||
class="org.springframework.security.web.authentcation.UsernamePasswordAuthenticationFilter">
|
||||
<beans:property name="sessionAuthenticationStrategy" ref="sas" />
|
||||
...
|
||||
</beans:bean>
|
||||
|
|
@ -106,7 +106,7 @@
|
|||
</beans:bean>
|
||||
|
||||
<beans:bean id="myAuthFilter"
|
||||
class="org.springframework.security.web.authentcation.UsernamePasswordAuthenticationProcessingFilter">
|
||||
class="org.springframework.security.web.authentcation.UsernamePasswordAuthenticationFilter">
|
||||
<beans:property name="sessionAuthenticationStrategy" ref="sas" />
|
||||
...
|
||||
</beans:bean>
|
||||
|
|
|
|||
|
|
@ -231,7 +231,7 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
|
|||
</section>
|
||||
</section>
|
||||
<section xml:id="form-login-filter">
|
||||
<title><classname>UsernamePasswordAuthenticationProcessingFilter</classname></title>
|
||||
<title><classname>UsernamePasswordAuthenticationFilter</classname></title>
|
||||
<para>We've now seen the three main filters which are always present in a Spring Security
|
||||
web configuration. These are also the three which are automatically created by the
|
||||
namespace <literal><http></literal> element and cannot be substituted with
|
||||
|
|
@ -250,7 +250,7 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
|
|||
<classname>ExceptionTranslationFilter</classname>.
|
||||
</para></listitem><listitem><para>Implement the login page (using a JSP or
|
||||
MVC controller).</para></listitem><listitem><para>Configure an instance of
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname> in
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname> in
|
||||
the application context</para></listitem><listitem><para>Add the filter bean
|
||||
to your filter chain proxy (making sure you pay attention to the order).
|
||||
<!-- TODO: link --></para></listitem></orderedlist> The login form simply
|
||||
|
|
@ -259,7 +259,7 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
|
|||
<literal>/j_spring_security_check</literal>). The basic filter configuration looks
|
||||
something like this: <programlisting><![CDATA[
|
||||
<bean id="authenticationProcessingFilter" class=
|
||||
"org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter">
|
||||
"org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
|
||||
</bean> ]]>
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
<info><title>Overview</title></info>
|
||||
|
||||
<para>HTTP Form Authentication involves using the
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter</literal> to process a login
|
||||
<literal>UsernamePasswordAuthenticationFilter</literal> to process a login
|
||||
form. This is the most common way for an application to authenticate end
|
||||
users. Form-based authentication is entirely compatible with the DAO, LDAP
|
||||
and JAAS authentication providers.</para>
|
||||
|
|
@ -21,10 +21,10 @@
|
|||
<literal>j_password</literal> input fields, and posts to a URL that is
|
||||
monitored by the filter (by default
|
||||
<literal>/j_spring_security_check</literal>). You should add an
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter</literal> to your application context:
|
||||
<literal>UsernamePasswordAuthenticationFilter</literal> to your application context:
|
||||
<programlisting><![CDATA[
|
||||
<bean id="authenticationProcessingFilter" class=
|
||||
"org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter">
|
||||
"org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
|
||||
</bean> ]]>
|
||||
|
|
|
|||
|
|
@ -431,7 +431,7 @@
|
|||
at particular locations or use a Spring Security filter for which there isn't currently a
|
||||
namespace configuration option (CAS, for example). Or you might want to use a customized
|
||||
version of a standard namespace filter, such as the
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter</literal> which is created by the
|
||||
<literal>UsernamePasswordAuthenticationFilter</literal> which is created by the
|
||||
<literal><form-login></literal> element, taking advantage of some of the extra
|
||||
configuration options which are available by using the bean explicitly. How can you do this
|
||||
with namespace configuration, since the filter chain is not directly exposed? </para>
|
||||
|
|
@ -464,7 +464,7 @@
|
|||
Subclasses</entry><entry>N/A</entry></row><row><entry> CAS_PROCESSING_FILTER
|
||||
</entry><entry><literal>CasProcessingFilter</literal></entry><entry>N/A</entry></row><row><entry>
|
||||
AUTHENTICATION_PROCESSING_FILTER
|
||||
</entry><entry><literal>UsernamePasswordAuthenticationProcessingFilter</literal></entry><entry><literal>http/form-login</literal></entry></row><row><entry>
|
||||
</entry><entry><literal>UsernamePasswordAuthenticationFilter</literal></entry><entry><literal>http/form-login</literal></entry></row><row><entry>
|
||||
BASIC_PROCESSING_FILTER
|
||||
</entry><entry><literal>BasicProcessingFilter</literal></entry><entry><literal>http/http-basic</literal></entry></row><row><entry>
|
||||
SERVLET_API_SUPPORT_FILTER</entry><entry><literal>SecurityContextHolderAwareRequestFilter</literal></entry><entry><literal>http/@servlet-api-provision</literal></entry></row><row><entry>
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@
|
|||
<para>Remember-me authentication is not used with basic
|
||||
authentication, given it is often not used with
|
||||
<literal>HttpSession</literal>s. Remember-me is used with
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter</literal>, and is implemented
|
||||
<literal>UsernamePasswordAuthenticationFilter</literal>, and is implemented
|
||||
via hooks in the <literal>AbstractAuthenticationProcessingFilter</literal>
|
||||
superclass. The hooks will invoke a concrete
|
||||
<interfacename>RememberMeServices</interfacename> at the appropriate times. The
|
||||
|
|
@ -158,13 +158,13 @@
|
|||
]]>
|
||||
</programlisting>Don't forget to add your
|
||||
<interfacename>RememberMeServices</interfacename> implementation to your
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter.setRememberMeServices()</literal>
|
||||
<literal>UsernamePasswordAuthenticationFilter.setRememberMeServices()</literal>
|
||||
property, include the
|
||||
<literal>RememberMeAuthenticationProvider</literal> in your
|
||||
<literal>AuthenticationManager.setProviders()</literal> list, and add
|
||||
<classname>RememberMeProcessingFilter</classname> into your
|
||||
<classname>FilterChainProxy</classname> (typically immediately after your
|
||||
<literal>UsernamePasswordAuthenticationProcessingFilter</literal>).</para>
|
||||
<literal>UsernamePasswordAuthenticationFilter</literal>).</para>
|
||||
</section>
|
||||
<section>
|
||||
<title>PersistentTokenBasedRememberMeServices</title>
|
||||
|
|
|
|||
|
|
@ -151,7 +151,7 @@
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>Authentication processing mechanisms -
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>,
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>,
|
||||
<classname>CasProcessingFilter</classname>,
|
||||
<classname>BasicProcessingFilter</classname> etc - so that the
|
||||
<classname>SecurityContextHolder</classname> can be modified to contain a valid
|
||||
|
|
|
|||
|
|
@ -154,7 +154,7 @@
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>Authentication processing mechanisms -
|
||||
<classname>UsernamePasswordAuthenticationProcessingFilter</classname>,
|
||||
<classname>UsernamePasswordAuthenticationFilter</classname>,
|
||||
<classname>CasProcessingFilter</classname>,
|
||||
<classname>BasicProcessingFilter</classname> etc - so that the
|
||||
<classname>SecurityContextHolder</classname> can be modified to contain a valid
|
||||
|
|
|
|||
Loading…
Reference in New Issue