Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/*
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.authentication;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationManagerResolver;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.web.filter.OncePerRequestFilter;
/**
* A {@link Filter} that performs authentication of a particular request. An
* outline of the logic:
*
*
*
A request comes in and if it does not match
* {@link #setRequestMatcher(RequestMatcher)}, then this filter does nothing and
* the {@link FilterChain} is continued. If it does match then...
*
An attempt to convert the {@link HttpServletRequest} into an
* {@link Authentication} is made. If the result is empty, then the filter does
* nothing more and the {@link FilterChain} is continued. If it does create an
* {@link Authentication}...
*
The {@link AuthenticationManager} specified in
* {@link #GenericAuthenticationFilter(AuthenticationManager)} is used to
* perform authentication.
*
The {@link AuthenticationManagerResolver} specified in
* {@link #GenericAuthenticationFilter(AuthenticationManagerResolver)} is used
* to resolve the appropriate authentication manager from context to perform
* authentication.
*
If authentication is successful, {@link AuthenticationSuccessHandler} is
* invoked and the authentication is set on {@link SecurityContextHolder}, else
* {@link AuthenticationFailureHandler} is invoked