-
Spring Security3源码分析-SessionManagementFilter分析-下
很多spring security3资料在介绍session的并发控制都要求配置HttpSessionEventPublisher的监听器,如下 <listener> <listener-class> org.springframework.security.web.session.HttpSessionEventPublisher </listener-class> </listener> 这个监听器实现了HttpSessionListener...2013-04-19 阅读170
-
Spring Security3源码分析-SessionManagementFilter分析-上
SessionManagementFilter过滤器对应的类路径为 org.springframework.security.web.session.SessionManagementFilter 这个过滤器看名字就知道是管理session的了,http标签是自动配置时,默认是添加SessionManagementFilter过滤器到filterChainProxy中的,如果不想使用这个过滤器,需要做如下配置 <security:http auto-config="true"> <security:...2013-04-19 阅读183
-
Spring Security3源码分析-AnonymousAuthenticationFilter分析
AnonymousAuthenticationFilter过滤器对应的类路径为 org.springframework.security.web.authentication.AnonymousAuthenticationFilter AnonymousAuthenticationFilter过滤器是在UsernamePasswordAuthenticationFilter、BasicAuthenticationFilter、RememberMeAuthenticationFilter这些过滤器后面的,所以如果这三个过滤器都没有认证成功,则为当前的Securi...2013-04-19 阅读178
-
Spring Security3源码分析-BasicAuthenticationFilter分析
BasicAuthenticationFilter过滤器对应的类路径为 org.springframework.security.web.authentication.www.BasicAuthenticationFilter Basic验证方式相比较而言用的不是太多。spring security也支持basic的方式,配置如下 <security:http auto-config="true"> <!-- <security:form-login login-page="/logi...2013-04-19 阅读210
-
Spring Security3源码分析-FilterSecurityInterceptor分析
FilterSecurityInterceptor过滤器对应的类路径为 org.springframework.security.web.access.intercept.FilterSecurityInterceptor 这个filter是filterchain中比较复杂,也是比较核心的过滤器,主要负责授权的工作 在看这个filter源码之前,先来看看spring是如何构造filter这个bean的 具体的构造过程的代码片段为 //这个方法源自HttpConfigurationBuilder类 ...2013-04-19 阅读186
-
Spring Security3源码分析-SecurityContextHolderAwareRequestFilter分析
SecurityContextHolderAwareRequestFilter过滤器对应的类路径为 org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter 从类名称可以猜出这个过滤器主要是包装请求对象request的,看源码 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) ...2013-04-19 阅读179
-
Spring Security3源码分析-RememberMeAuthenticationFilter分析
RememberMeAuthenticationFilter过滤器对应的类路径为 org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter 看主要的doFilter方法 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ...2013-04-19 阅读187
-
Spring Security3源码分析-UsernamePasswordAuthenticationFilter分析
UsernamePasswordAuthenticationFilter过滤器对应的类路径为 org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter 实际上这个Filter类的doFilter是父类AbstractAuthenticationProcessingFilter的 public void doFilter(ServletRequest req, ServletResponse res, Fi...2013-04-19 阅读171
-
Spring Security3源码分析-LogoutFilter分析
LogoutFilter过滤器对应的类路径为 org.springframework.security.web.authentication.logout.LogoutFilter 通过这个类的源码可以看出,这个类有两个构造函数 public LogoutFilter(LogoutSuccessHandler logoutSuccessHandler, LogoutHandler... handlers) { Assert.notEmpty(handlers, "LogoutHandlers ar...2013-04-19 阅读188
-
Spring Security3源码分析-SecurityContextPersistenceFilter分析
通过观察Filter的名字,就能大概猜出来这个过滤器的作用,是的,持久化SecurityContext实例。这个过滤器位置是; org.springframework.security.web.context.SecurityContextPersistenceFilter 废话不说,看源码 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletE...2013-04-19 阅读180
登录
注册