Superclass for any filter that controls access to a resource and may redirect the user to the login page if they are not authenticated. This superclass provides the method {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} which is used by many subclasses as the behavior when a user is unauthenticated.
isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception
Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the {@link #onAccessDenied(ServletRequest,ServletResponse,Object) onAccessDenied(request,response,mappedValue)} method instead.
protected abstract boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception;
onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception
Processes requests where the subject was denied access as determined by the {@link #isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, Object) isAccessAllowed} method, retaining the {@code mappedValue} that was used during configuration.
This method immediately delegates to {@link #onAccessDenied(ServletRequest,ServletResponse)} as a convenience in that most post-denial behavior does not need the mapped config again.
protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
    return onAccessDenied(request, response);
}
protected abstract boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception;
isLoginRequest(ServletRequest request, ServletResponse response)
Returns true if this is a login request, false otherwise.
protected boolean isLoginRequest(ServletRequest request, ServletResponse response) {
    return pathsMatch(getLoginUrl(), request);
}
saveRequest(ServletRequest request)
Convenience method that merely delegates to {@link WebUtils#saveRequest(javax.servlet.ServletRequest) WebUtils.saveRequest(request)} to save the request, retaining user request state when a redirect is issued so that the user can be returned to their originally requested url/resource.
If you need to save the request and then immediately redirect the user to login, consider using {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse) saveRequestAndRedirectToLogin(request,response)} directly.
protected void saveRequest(ServletRequest request) {
    WebUtils.saveRequest(request);
}
redirectToLogin(ServletRequest request, ServletResponse response) throws IOException
Convenience method for subclasses that merely acquires the {@link #getLoginUrl() getLoginUrl} and redirects the request to that url.
If you want to issue a redirect with the intention of allowing the user to then return to their originally requested URL, don’t use this method directly. Instead you should call {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse) saveRequestAndRedirectToLogin(request,response)}, which will save the current request state so that it can be reconstructed and re-used after a successful login.
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
    String loginUrl = getLoginUrl();
    WebUtils.issueRedirect(request, response, loginUrl);
}
saveRequestAndRedirectToLogin(ServletRequest request, ServletResponse response) throws IOException
Convenience method for subclasses to use when a login redirect is required. This implementation simply calls {@link #saveRequest(javax.servlet.ServletRequest) saveRequest(request)} and then {@link #redirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse) redirectToLogin(request,response)}.
protected void saveRequestAndRedirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
    saveRequest(request);
    redirectToLogin(request, response);
}
getSubject(ServletRequest request, ServletResponse response)?
protected Subject getSubject(ServletRequest request, ServletResponse response) {
    return SecurityUtils.getSubject();
}
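How a subclass can fill in the two abstract methods using the helpers described above. This is an added example, not code from Shiro or from the original post; the class name ApiAwareAccessFilter, the X-Requested-With header check and the treatment of mappedValue as a String[] of permission strings are assumptions.

```java
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

// Hypothetical subclass: the name and the header check are assumptions, not Shiro code.
public class ApiAwareAccessFilter extends AccessControlFilter {

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response,
                                      Object mappedValue) {
        // The login page itself must pass, otherwise the redirect in onAccessDenied loops.
        if (isLoginRequest(request, response)) {
            return true;
        }
        Subject subject = getSubject(request, response);
        if (!subject.isAuthenticated()) {
            return false; // deny by default when there is no authenticated subject
        }
        // Assumption: mappedValue holds the permission strings configured for this path.
        String[] perms = (String[]) mappedValue;
        if (perms == null || perms.length == 0) {
            return true; // path only requires authentication
        }
        return subject.isPermittedAll(perms);
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
            throws IOException {
        HttpServletResponse httpResponse = WebUtils.toHttp(response);
        String requestedWith = WebUtils.toHttp(request).getHeader("X-Requested-With");
        if (getSubject(request, response).isAuthenticated()) {
            // Known user lacking the permission: a login redirect would not help.
            httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        } else if ("XMLHttpRequest".equals(requestedWith)) {
            // Script callers cannot use a login page; answer with a status code instead.
            httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        } else {
            // Browser navigation: remember the original URL, then send the user to login.
            saveRequestAndRedirectToLogin(request, response);
        }
        // The response has been written here, so false stops the filter chain.
        return false;
    }
}
```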
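Summary of what this class does
Superclass for any filter that controls access to a resource and may redirect the user to the login page if they are not authenticated. This superclass provides the method {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)}, which many subclasses use as the behavior when a user is unauthenticated.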