org.springframework.security.web.server.authentication

Class AuthenticationWebFilter

java.lang.Object

org.springframework.security.web.server.authentication.AuthenticationWebFilter

All Implemented Interfaces:

org.springframework.web.server.WebFilter

public class AuthenticationWebFilter
extends java.lang.Object
implements org.springframework.web.server.WebFilter

A WebFilter that performs authentication of a particular request. An outline of the logic:

• A request comes in and if it does not match setRequiresAuthenticationMatcher(ServerWebExchangeMatcher), then this filter does nothing and the WebFilterChain is continued. If it does match then...
• An attempt to convert the ServerWebExchange into an Authentication is made. If the result is empty, then the filter does nothing more and the WebFilterChain is continued. If it does create an Authentication...
• The ReactiveAuthenticationManager specified in AuthenticationWebFilter(ReactiveAuthenticationManager) is used to perform authentication.
• If authentication is successful, ServerAuthenticationSuccessHandler is invoked and the authentication is set on ReactiveSecurityContextHolder, else ServerAuthenticationFailureHandler is invoked

Since:

5.0

Constructor Summary

Constructors

Constructor and Description
AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager) Creates an instance

Method Summary

Modifier and Type	Method and Description
reactor.core.publisher.Mono<java.lang.Void>	filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
void	setAuthenticationConverter(java.util.function.Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<org.springframework.security.core.Authentication>> authenticationConverter) Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager.
void	setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler) Sets the failure handler used when authentication fails.
void	setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler) Sets the authentication success handler.
void	setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher) Sets the matcher used to determine when creating an Authentication from setAuthenticationConverter(Function) to be authentication.
void	setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository) Sets the repository for persisting the SecurityContext.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticationWebFilter

public AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager)

Creates an instance

Parameters:

authenticationManager - the authentication manager to use

Method Detail

filter

public reactor.core.publisher.Mono<java.lang.Void> filter(org.springframework.web.server.ServerWebExchange exchange,
                                                          org.springframework.web.server.WebFilterChain chain)

Specified by:

filter in interface org.springframework.web.server.WebFilter

setSecurityContextRepository

public void setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository)

Sets the repository for persisting the SecurityContext. Default is NoOpServerSecurityContextRepository

Parameters:

securityContextRepository - the repository to use

setAuthenticationSuccessHandler

public void setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler)

Sets the authentication success handler. Default is WebFilterChainServerAuthenticationSuccessHandler

Parameters:

authenticationSuccessHandler - the success handler to use

setAuthenticationConverter

public void setAuthenticationConverter(java.util.function.Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<org.springframework.security.core.Authentication>> authenticationConverter)

Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager. If the result is empty, then it signals that no authentication attempt should be made. The default converter is ServerHttpBasicAuthenticationConverter

Parameters:

authenticationConverter - the converter to use

setAuthenticationFailureHandler

public void setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler)

Sets the failure handler used when authentication fails. The default is to prompt for basic authentication.

Parameters:

authenticationFailureHandler - the handler to use. Cannot be null.

setRequiresAuthenticationMatcher

public void setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher)

Sets the matcher used to determine when creating an Authentication from setAuthenticationConverter(Function) to be authentication. If the converter returns an empty result, then no authentication is attempted. The default is any request

Parameters:

requiresAuthenticationMatcher - the matcher to use. Cannot be null.