Package org.springframework.security.cas.web

Class CasGatewayAuthenticationRedirectFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.security.cas.web.CasGatewayAuthenticationRedirectFilter

All Implemented Interfaces:

jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public final class CasGatewayAuthenticationRedirectFilter
extends org.springframework.web.filter.GenericFilterBean

Redirects the request to the CAS server appending gateway=true to the URL. Upon redirection, the ServiceProperties.isSendRenew() is ignored and considered as false to align with the specification says that the sendRenew parameter is not compatible with the gateway parameter. See the CAS Protocol Specification for more details. To allow other filters to know if the request is a gateway request, this filter creates a session and add an attribute with name CAS_GATEWAY_AUTHENTICATION_ATTR which can be checked by other filters if needed. It is recommended that this filter is placed after CasAuthenticationFilter if it is defined.

Since:

6.3

Field Summary

Fields

Modifier and Type	Field	Description
static final String	CAS_GATEWAY_AUTHENTICATION_ATTR

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor	Description
CasGatewayAuthenticationRedirectFilter(String casLoginUrl, ServiceProperties serviceProperties)	Constructs a new instance of this class

Method Summary

Modifier and Type	Method	Description
void	doFilter(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, jakarta.servlet.FilterChain chain)
void	setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)	Sets the RequestCache used to store the current request to be replayed after redirect from the CAS server.
void	setRequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher requestMatcher)	Sets the RequestMatcher used to trigger this filter.

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

CAS_GATEWAY_AUTHENTICATION_ATTR

public static final String CAS_GATEWAY_AUTHENTICATION_ATTR

See Also:

• Constant Field Values

Constructor Details

CasGatewayAuthenticationRedirectFilter

public CasGatewayAuthenticationRedirectFilter(String casLoginUrl,
 ServiceProperties serviceProperties)

Constructs a new instance of this class

Parameters:

serviceProperties - the ServiceProperties

Method Details

doFilter

public void doFilter(jakarta.servlet.ServletRequest req,
 jakarta.servlet.ServletResponse res,
 jakarta.servlet.FilterChain chain)
              throws IOException,
jakarta.servlet.ServletException

Throws:

IOException

jakarta.servlet.ServletException

setRequestMatcher

public void setRequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher requestMatcher)

Sets the RequestMatcher used to trigger this filter. Defaults to CasGatewayResolverRequestMatcher.

Parameters:

requestMatcher - the RequestMatcher to use

setRequestCache

public void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)

Sets the RequestCache used to store the current request to be replayed after redirect from the CAS server. Defaults to HttpSessionRequestCache.

Parameters:

requestCache - the RequestCache to use