Class AuthenticationFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.web.filter.OncePerRequestFilter
-
- org.springframework.security.web.authentication.AuthenticationFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class AuthenticationFilter extends org.springframework.web.filter.OncePerRequestFilter
AFilter
that performs authentication of a particular request. An outline of the logic:- A request comes in and if it does not match
setRequestMatcher(RequestMatcher)
, then this filter does nothing and theFilterChain
is continued. If it does match then... - An attempt to convert the
HttpServletRequest
into anAuthentication
is made. If the result is empty, then the filter does nothing more and theFilterChain
is continued. If it does create anAuthentication
... - The
AuthenticationManager
specified in#GenericAuthenticationFilter(AuthenticationManager)
is used to perform authentication. - The
AuthenticationManagerResolver
specified in#GenericAuthenticationFilter(AuthenticationManagerResolver)
is used to resolve the appropriate authentication manager from context to perform authentication. - If authentication is successful,
AuthenticationSuccessHandler
is invoked and the authentication is set onSecurityContextHolder
, elseAuthenticationFailureHandler
is invoked
- Since:
- 5.2.0
-
-
Constructor Summary
Constructors Constructor Description AuthenticationFilter(AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> authenticationManagerResolver, AuthenticationConverter authenticationConverter)
AuthenticationFilter(AuthenticationManager authenticationManager, AuthenticationConverter authenticationConverter)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
AuthenticationConverter
getAuthenticationConverter()
AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest>
getAuthenticationManagerResolver()
AuthenticationFailureHandler
getFailureHandler()
RequestMatcher
getRequestMatcher()
AuthenticationSuccessHandler
getSuccessHandler()
void
setAuthenticationConverter(AuthenticationConverter authenticationConverter)
void
setAuthenticationManagerResolver(AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> authenticationManagerResolver)
void
setFailureHandler(AuthenticationFailureHandler failureHandler)
void
setRequestMatcher(RequestMatcher requestMatcher)
void
setSuccessHandler(AuthenticationSuccessHandler successHandler)
-
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
-
-
-
-
Constructor Detail
-
AuthenticationFilter
public AuthenticationFilter(AuthenticationManager authenticationManager, AuthenticationConverter authenticationConverter)
-
AuthenticationFilter
public AuthenticationFilter(AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> authenticationManagerResolver, AuthenticationConverter authenticationConverter)
-
-
Method Detail
-
getRequestMatcher
public RequestMatcher getRequestMatcher()
-
setRequestMatcher
public void setRequestMatcher(RequestMatcher requestMatcher)
-
getAuthenticationConverter
public AuthenticationConverter getAuthenticationConverter()
-
setAuthenticationConverter
public void setAuthenticationConverter(AuthenticationConverter authenticationConverter)
-
getSuccessHandler
public AuthenticationSuccessHandler getSuccessHandler()
-
setSuccessHandler
public void setSuccessHandler(AuthenticationSuccessHandler successHandler)
-
getFailureHandler
public AuthenticationFailureHandler getFailureHandler()
-
setFailureHandler
public void setFailureHandler(AuthenticationFailureHandler failureHandler)
-
getAuthenticationManagerResolver
public AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> getAuthenticationManagerResolver()
-
setAuthenticationManagerResolver
public void setAuthenticationManagerResolver(AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> authenticationManagerResolver)
-
doFilterInternal
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
- Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
javax.servlet.ServletException
java.io.IOException
-
-