Examples of ExceptionTranslationFilter

• org.acegisecurity.ui.ExceptionTranslationFilter
  Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.

  This filter is necessary because it provides the bridge between Java exceptions and HTTP responses. It is solely concerned with maintaining the user interface. This filter does not do any actual security enforcement.

  If an {@link AuthenticationException} is detected, the filter will launch the authenticationEntryPoint.This allows common handling of authentication failures originating from any subclass of {@link org.acegisecurity.intercept.AbstractSecurityInterceptor}.

  If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymoususer. If they are an anonymous user, the authenticationEntryPoint will be launched. If they are not an anonymous user, the filter will delegate to the {@link org.acegisecurity.ui.AccessDeniedHandler}. By default the filter will use {@link org.acegisecurity.ui.AccessDeniedHandlerImpl}.

  To use this filter, it is necessary to specify the following properties:

  • authenticationEntryPoint indicates the handler that should commence the authentication process if an AuthenticationException is detected. Note that this may also switch the current protocol from http to https for an SSL login.
  • portResolver is used to determine the "real" port that a request was received on.

  Do not use this class directly. Instead configure web.xml to use the {@link org.acegisecurity.util.FilterToBeanProxy}.

  @author Ben Alex @author colin sampaleanu @version $Id: ExceptionTranslationFilter.java 2134 2007-09-19 16:41:06Z luke_t $
• org.springframework.security.ui.ExceptionTranslationFilter
• org.springframework.security.web.access.ExceptionTranslationFilter
  Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.

  This filter is necessary because it provides the bridge between Java exceptions and HTTP responses. It is solely concerned with maintaining the user interface. This filter does not do any actual security enforcement.

  If an {@link AuthenticationException} is detected, the filter will launch the authenticationEntryPoint.This allows common handling of authentication failures originating from any subclass of {@link org.springframework.security.access.intercept.AbstractSecurityInterceptor}.

  If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymoususer. If they are an anonymous user, the authenticationEntryPoint will be launched. If they are not an anonymous user, the filter will delegate to the {@link org.springframework.security.web.access.AccessDeniedHandler}. By default the filter will use {@link org.springframework.security.web.access.AccessDeniedHandlerImpl}.

  To use this filter, it is necessary to specify the following properties:

  • authenticationEntryPoint indicates the handler that should commence the authentication process if an AuthenticationException is detected. Note that this may also switch the current protocol from http to https for an SSL login.
  • requestCache determines the strategy used to save a request during the authentication process in order that it may be retrieved and reused once the user has authenticated. The default implementation is {@link HttpSessionRequestCache}.

  @author Ben Alex @author colin sampaleanu

Examples of org.acegisecurity.ui.ExceptionTranslationFilter

        super();
        Authentication auth = getSession().getAuthentication();
        if(auth == null || !auth.isAuthenticated()) {
            // emulate what acegi url control would do so that we get a proper redirect after login
            HttpServletRequest httpRequest = ((WebRequest) getRequest()).getHttpServletRequest();
            ExceptionTranslationFilter translator = (ExceptionTranslationFilter) getGeoServerApplication().getBean("consoleExceptionTranslationFilter");
            SavedRequest savedRequest = new SavedRequest(httpRequest, translator.getPortResolver());

            HttpSession session = httpRequest.getSession();
            session.setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, savedRequest);

            // then redirect to the login page

Examples of org.springframework.security.ui.ExceptionTranslationFilter

        super();
        Authentication auth = getSession().getAuthentication();
        if(auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) {
            // emulate what spring security url control would do so that we get a proper redirect after login
            HttpServletRequest httpRequest = ((WebRequest) getRequest()).getHttpServletRequest();
            ExceptionTranslationFilter translator = (ExceptionTranslationFilter) getGeoServerApplication().getBean("consoleExceptionTranslationFilter");
            SavedRequest savedRequest = new SavedRequest(httpRequest, translator.getPortResolver());

            HttpSession session = httpRequest.getSession();
            session.setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, savedRequest);

            // then redirect to the login page

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

        AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous");
        fsi = new FilterSecurityInterceptor();
        fsi.setAccessDecisionManager(accessDecisionManager);
        fsi.setSecurityMetadataSource(metadataSource);
        AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
        ExceptionTranslationFilter etf = new ExceptionTranslationFilter(authenticationEntryPoint);
        DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, aaf, etf, fsi);
        fcp = new FilterChainProxy(securityChain);
        validator = new DefaultFilterChainValidator();
        Whitebox.setInternalState(validator, "logger", logger);
    }

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

        }
    }

    /* Checks for the common error of having a login page URL protected by the security interceptor */
    private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) {
        ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class, filterStack);

        if(etf == null || !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
            return;
        }

        String loginPage = ((LoginUrlAuthenticationEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
        logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
        FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
        List<Filter> filters = null;

        try {

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

    }

    @Override
    public void configure(H http) throws Exception {
        AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http);
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(entryPoint, getRequestCache(http));
        if(accessDeniedHandler != null) {
            exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler);
        }
        exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
        http.addFilter(exceptionTranslationFilter);
    }

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

  }

  public void doExceptionTranslationFiltering(final Throwable ex) throws Exception {
    final Execution exec = Executions.getCurrent();
    final String name = DEFAULT_EXCEPTION_TRANSLATION_FILTER_NAME;
    ExceptionTranslationFilter filter = (ExceptionTranslationFilter)
      SpringUtil.getBean(name, ExceptionTranslationFilter.class);
    if (filter == null) {
      filter = new ZkExceptionTranslationFilter();
    }
    ZKProxy.getProxy().setAttribute(exec, ZK_EXCEPTION_TRANSLATION, Boolean.TRUE);
    filter.doFilter(
      (ServletRequest)exec.getNativeRequest(),
      (ServletResponse) exec.getNativeResponse(),
      new FilterChain() {
        public void doFilter(ServletRequest arg0,
          ServletResponse arg1) throws IOException,

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

        }
    }

    /* Checks for the common error of having a login page URL protected by the security interceptor */
    private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> defaultFilters) {
        ExceptionTranslationFilter etf = (ExceptionTranslationFilter)getFilter(ExceptionTranslationFilter.class, defaultFilters);

        if (etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint) {
            String loginPage =
                ((LoginUrlAuthenticationEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
            List<Filter> filters = fcp.getFilters(loginPage);
            logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");

            if (filters == null || filters.isEmpty()) {
                logger.debug("Filter chain is empty for the login page");

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

    }

    @Override
    public void configure(H http) throws Exception {
        AuthenticationEntryPoint entryPoint = getEntryPoint(http);
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(entryPoint, getRequestCache(http));
        if(accessDeniedHandler != null) {
            exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler);
        }
        exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
        http.addFilter(exceptionTranslationFilter);
    }

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

            ep.setEntryEntryPoint(authFilter.getAuthenticationEntryPoint());
        }

        HttpSessionRequestCache cache = new HttpSessionRequestCache();
        cache.setCreateSessionAllowed(false);
        ExceptionTranslationFilter filter = new ExceptionTranslationFilter(ep,cache);

        AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();

        if (StringUtils.hasLength(authConfig.getAccessDeniedErrorPage())) {
            // check if page exists
            if (GeoServerExtensions.file(authConfig.getAccessDeniedErrorPage())!=null)
                accessDeniedHandler.setErrorPage(authConfig.getAccessDeniedErrorPage());
            else
                LOGGER.warning("Cannot find: "+ authConfig.getAccessDeniedErrorPage());
        }

        filter.setAccessDeniedHandler(accessDeniedHandler);

        filter.afterPropertiesSet();
        getNestedFilters().add(filter);
    }

Examples of org.springframework.security.web.access.ExceptionTranslationFilter

    @Bean
    public Filter exceptionTranslationFilter(RequestCache requestCache) {
        AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
        accessDeniedHandler.setErrorPage(applicationUrl("/access-denied"));
        LoginUrlAuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint(applicationUrl("/login"));
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(authenticationEntryPoint, requestCache);
        exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler);
        return exceptionTranslationFilter;
    }