public class SslFilter extends PortFilter
port
and the
request.
isSecure()
. If either condition is false
,
the filter chain will not continue.
The port
property defaults to 443
and also additionally guarantees that the
request scheme is always 'https' (except for port 80, which retains the 'http' scheme).
Example config:
[urls] /secure/path/** = ssl
Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_HTTPS_PORT |
static String |
HTTPS_SCHEME |
DEFAULT_HTTP_PORT, HTTP_SCHEME
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
appliedPaths, pathMatcher
ALREADY_FILTERED_SUFFIX
filterConfig
Constructor and Description |
---|
SslFilter() |
Modifier and Type | Method and Description |
---|---|
protected String |
getScheme(String requestScheme,
int port) |
protected boolean |
isAccessAllowed(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Object mappedValue)
Retains the parent method's port-matching behavior but additionally guarantees that the
ServletRequest. |
getPort, onAccessDenied, setPort, toPort
getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl
getLoginUrl, getSubject, isLoginRequest, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
getName, setName, toStringBuilder
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
public static final int DEFAULT_HTTPS_PORT
public static final String HTTPS_SCHEME
public SslFilter()
protected String getScheme(String requestScheme, int port)
getScheme
in class PortFilter
protected boolean isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue) throws Exception
ServletRequest.
isSecure()
. If the port does not match or
the request is not secure, access is denied.isAccessAllowed
in class PortFilter
request
- the incoming ServletRequest
response
- the outgoing ServletResponse
- ignored in this implementationmappedValue
- the filter-specific config value mapped to this filter in the URL rules mappings - ignored by this implementation.true
if the request is received on an expected SSL port and the
request.
isSecure()
, false
otherwise.Exception
- if the call to super.isAccessAllowed
throws an exception.Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.