org.acegisecurity.context.rmi
public class ContextPropagatingRemoteInvocation extends org.springframework.remoting.support.RemoteInvocation
RemoteInvocation
that is passed from the client to the server, which contains the
contents of SecurityContextHolder
, being a SecurityContext
object.When constructed on the
client via ContextPropagatingRemoteInvocationFactory
, the contents of the
SecurityContext
are stored inside the object. The object is then passed to the server that is
processing the remote invocation. Upon the server invoking the remote invocation, it will retrieve the passed
contents of the SecurityContextHolder
and set them to the server-side
SecurityContextHolder
whilst the target object is invoked. When the target invocation has been
completed, the server-side SecurityContextHolder
will be reset to a new instance of
SecurityContextImpl
.
Constructor and Description |
---|
ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
Constructs the object, storing the value of the client-side
SecurityContextHolder inside the object. |
Modifier and Type | Method and Description |
---|---|
java.lang.Object |
invoke(java.lang.Object targetObject)
Invoked on the server-side as described in the class JavaDocs.
|
public ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
SecurityContextHolder
inside the object.methodInvocation
- the method to invokepublic java.lang.Object invoke(java.lang.Object targetObject) throws java.lang.NoSuchMethodException, java.lang.IllegalAccessException, java.lang.reflect.InvocationTargetException
Invocations will always have their
Authentication.setAuthenticated(boolean)
set to false
, which is
guaranteed to always be accepted by Authentication
implementations. This ensures that even
remotely authenticated Authentication
s will be untrusted by the server-side, which is an
appropriate security measure.
invoke
in class org.springframework.remoting.support.RemoteInvocation
targetObject
- the target object to apply the invocation tojava.lang.NoSuchMethodException
- if the method name could not be resolvedjava.lang.IllegalAccessException
- if the method could not be accessedjava.lang.reflect.InvocationTargetException
- if the method invocation resulted in an exceptionCopyright © 2004-2014 Interface21, Inc. All Rights Reserved.