org.acegisecurity.context.rmi
Class ContextPropagatingRemoteInvocation

java.lang.Object
  extended by org.springframework.remoting.support.RemoteInvocation
      extended by org.acegisecurity.context.rmi.ContextPropagatingRemoteInvocation
All Implemented Interfaces:
java.io.Serializable

public class ContextPropagatingRemoteInvocation
extends org.springframework.remoting.support.RemoteInvocation

The actual RemoteInvocation that is passed from the client to the server, which contains the contents of SecurityContextHolder, being a SecurityContext object.

When constructed on the client via ContextPropagatingRemoteInvocationFactory, the contents of the SecurityContext are stored inside the object. The object is then passed to the server that is processing the remote invocation. Upon the server invoking the remote invocation, it will retrieve the passed contents of the SecurityContextHolder and set them to the server-side SecurityContextHolder whilst the target object is invoked. When the target invocation has been completed, the server-side SecurityContextHolder will be reset to a new instance of SecurityContextImpl.

Version:
$Id: ContextPropagatingRemoteInvocation.java 1496 2006-05-23 13:38:33Z benalex $
Author:
James Monaghan, Ben Alex
See Also:
Serialized Form

Constructor Summary
ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
          Constructs the object, storing the value of the client-side SecurityContextHolder inside the object.
 
Method Summary
 java.lang.Object invoke(java.lang.Object targetObject)
          Invoked on the server-side as described in the class JavaDocs.
 
Methods inherited from class org.springframework.remoting.support.RemoteInvocation
addAttribute, getArguments, getAttribute, getAttributes, getMethodName, getParameterTypes, setArguments, setAttributes, setMethodName, setParameterTypes, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ContextPropagatingRemoteInvocation

public ContextPropagatingRemoteInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation)
Constructs the object, storing the value of the client-side SecurityContextHolder inside the object.

Parameters:
methodInvocation - the method to invoke
Method Detail

invoke

public java.lang.Object invoke(java.lang.Object targetObject)
                        throws java.lang.NoSuchMethodException,
                               java.lang.IllegalAccessException,
                               java.lang.reflect.InvocationTargetException
Invoked on the server-side as described in the class JavaDocs.

Invocations will always have their Authentication.setAuthenticated(boolean) set to false, which is guaranteed to always be accepted by Authentication implementations. This ensures that even remotely authenticated Authentications will be untrusted by the server-side, which is an appropriate security measure.

Overrides:
invoke in class org.springframework.remoting.support.RemoteInvocation
Parameters:
targetObject - the target object to apply the invocation to
Returns:
the invocation result
Throws:
java.lang.NoSuchMethodException - if the method name could not be resolved
java.lang.IllegalAccessException - if the method could not be accessed
java.lang.reflect.InvocationTargetException - if the method invocation resulted in an exception


Copyright © 2004-2011 Interface21, Inc. All Rights Reserved.