Example usage for org.springframework.web.context.request ServletWebRequest setAttribute

List of usage examples for org.springframework.web.context.request ServletWebRequest setAttribute

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.web.context.request.*
  5. ServletWebRequest
  6. setAttribute

Introduction

In this page you can find the example usage for org.springframework.web.context.request ServletWebRequest setAttribute.

Prototype

@Override
    public void setAttribute(String name, Object value, int scope)

Source Link

Usage

From source file:org.socialsignin.springsocial.security.signin.SpringSocialSecurityConnectInterceptor.java

/**
 * This callback 1)  Ensures that 2 different local users
 * cannot share the same 3rd party connection 2) Updates the current
 * user's authentication if the set of roles they are assigned
 * needs to change now that this connection has been made.
 * 3) Looks for a request previously saved by an access denied
 * handler, and if present, sets the url of this original
 * pre-authorisation request as a session attribute
 * //from ww w .  j  av  a  2s .  c  o  m
 */
@Override
public void postConnect(Connection<S> connection, WebRequest webRequest) {

    super.postConnect(connection, webRequest);

    /**
     * User roles are generated according to connected
     * providers in spring-social-security
     * 
     * Now that this connection has been made,
     * doe we need to update the user roles?
     * 
     * If so, update the current user's authentication and update
     * remember-me services accordingly.
     */
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

    Collection<? extends GrantedAuthority> existingAuthorities = authentication.getAuthorities();

    GrantedAuthority newAuthority = userAuthoritiesService.getProviderAuthority(connection.getKey());

    if (!existingAuthorities.contains(newAuthority)) {

        Authentication newAuthentication = authenticationFactory
                .updateAuthenticationForNewConnection(authentication, connection);
        SecurityContextHolder.getContext().setAuthentication(newAuthentication);

        if (rememberMeServices != null && webRequest instanceof ServletWebRequest) {

            ServletWebRequest servletWebRequest = ((ServletWebRequest) webRequest);
            rememberMeServices.loginSuccess(servletWebRequest.getRequest(), servletWebRequest.getResponse(),
                    newAuthentication);
        }
    }

    /**
     * This connection may have been instigated by an 
     * access denied handler which may have saved the
     * original request made by the user before their access
     * was denied.  
     * 
     * Spring Social sends the user to a particular view
     * on completion of connection.  We may wish to offer the
     * user a "continue" link on this view, allowing their
     * original request (if saved by the access denied handler)
     * to be re-attempted
     *
     */
    if (webRequest instanceof ServletWebRequest) {
        ServletWebRequest servletWebRequest = (ServletWebRequest) webRequest;
        SavedRequest savedRequest = requestCache.getRequest(servletWebRequest.getRequest(),
                servletWebRequest.getResponse());
        if (savedRequest != null) {
            String redirectUrl = savedRequest.getRedirectUrl();
            if (redirectUrl != null && savedRequest.getMethod().equalsIgnoreCase("get")) {
                servletWebRequest.setAttribute(SAVED_REQUEST_URL_ATTRIBUTE_NAME, savedRequest.getRedirectUrl(),
                        RequestAttributes.SCOPE_SESSION);
            }
        }
    }
}