Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.broadleafcommerce.openadmin.web.filter
Class AdminCsrfFilter

java.lang.Object
  extended by org.springframework.web.filter.GenericFilterBean
      extended by org.broadleafcommerce.common.security.handler.CsrfFilter
          extended by org.broadleafcommerce.openadmin.web.filter.AdminCsrfFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.web.context.ServletContextAware
public class AdminCsrfFilter
extends CsrfFilter

This class attempts the work flow of the CsrfFilter, but in the event of a Csrf token mismatch (Session reset for example) the User will be redirected to login, if not session reset User is sent to previous location. The "blCsrfFilter' from applicationContext-admin-security should reference this class (org.broadleafcommerce.openadmin.web.filter.AdminCsrfFilter) instead of the CsrfFilter

Author:
trevorleffert

Field Summary
 
Fields inherited from class org.broadleafcommerce.common.security.handler.CsrfFilter
excludedRequestPatterns, exploitProtectionService, LOG
 
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
 
Constructor Summary
AdminCsrfFilter()
           
 
Method Summary
 void doFilter(javax.servlet.ServletRequest baseRequest, javax.servlet.ServletResponse baseResponse, javax.servlet.FilterChain chain)
           
 
Methods inherited from class org.broadleafcommerce.common.security.handler.CsrfFilter
getExcludedRequestPatterns, setExcludedRequestPatterns
 
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AdminCsrfFilter

public AdminCsrfFilter()
Method Detail

doFilter

public void doFilter(javax.servlet.ServletRequest baseRequest,
                     javax.servlet.ServletResponse baseResponse,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
Specified by:
doFilter in interface javax.servlet.Filter
Overrides:
doFilter in class CsrfFilter
Throws:
IOException
javax.servlet.ServletException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013. All Rights Reserved.