Java HttpRequestResponseHolder.setResponse方法代码示例

import org.springframework.security.web.context.HttpRequestResponseHolder; //导入方法依赖的package包/类
/**
 * Obtains the security context for the supplied request. For an unauthenticated user, an empty context
 * implementation should be returned. This method should not return null.
 * <p>
 * The use of the <tt>HttpRequestResponseHolder</tt> parameter allows implementations to return wrapped versions of
 * the request or response (or both), allowing them to access implementation-specific state for the request.
 * The values obtained from the holder will be passed on to the filter chain and also to the <tt>saveContext</tt>
 * method when it is finally called. Implementations may wish to return a subclass of
 * {@link SaveContextOnUpdateOrErrorResponseWrapper} as the response object, which guarantees that the context is
 * persisted when an error or redirect occurs.
 *
 * @param requestResponseHolder holder for the current request and response for which the context should be loaded.
 *
 * @return The security context which should be used for the current request, never null.
 */
@Override
public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
    HttpServletRequest request = requestResponseHolder.getRequest();
    HttpServletResponse response = requestResponseHolder.getResponse();
    requestResponseHolder.setResponse(new SaveToCookieResponseWrapper(request, response));
    Cookie authenticationCookie = getAuthenticationCookie(request);
    if (authenticationCookie == null) {
        return SecurityContextHolder.createEmptyContext();
    }
    String serialisedAuthentication = tokenEncryption.decryptAndVerify(authenticationCookie.getValue());
    if (serialisedAuthentication == null) {
        response.addCookie(createExpireAuthenticationCookie(request));
        return SecurityContextHolder.createEmptyContext();
    }
    Authentication authentication = authenticationSerializer.deserialize(serialisedAuthentication);
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
    securityContext.setAuthentication(authentication);
    return securityContext;
}
 

import org.springframework.security.web.context.HttpRequestResponseHolder; //导入方法依赖的package包/类
@Override
public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
	HttpServletRequest request = requestResponseHolder.getRequest();
	HttpServletResponse response = requestResponseHolder.getResponse();
	HttpSession httpSession = request.getSession(false);
	
	String sid = this.getSessionId(request, true);
	SecurityContext context = readSecurityContextFromSession(request);
	if (context == null) {
		context = SecurityContextHolder.createEmptyContext();
	}

	SaveToSessionResponseWrapper wrappedResponse = new SaveToSessionResponseWrapper(
			response, request, httpSession != null, context, sid);
	requestResponseHolder.setResponse(wrappedResponse);

	if (isServlet3) {
		requestResponseHolder.setRequest(new Servlet3SaveToSessionRequestWrapper(request, wrappedResponse));
	}
	
	return context;
}
 

import org.springframework.security.web.context.HttpRequestResponseHolder; //导入方法依赖的package包/类
@Override
public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
    SaveToCookieResponseWrapper responseWrapper = new SaveToCookieResponseWrapper(requestResponseHolder.getRequest(), requestResponseHolder.getResponse(), true);
    requestResponseHolder.setResponse(responseWrapper);
    return securityContextSerializer.deserialize(requestResponseHolder.getRequest(), requestResponseHolder.getResponse());
}
 

import org.springframework.security.web.context.HttpRequestResponseHolder; //导入方法依赖的package包/类
private void wrapResponse(HttpRequestResponseHolder requestResponseHolder) {
    requestResponseHolder.setResponse(new SecurityContextRepositoryResponseWrapper(
            requestResponseHolder.getRequest(), requestResponseHolder.getResponse(), this));
}