Class Saml2WebSsoAuthenticationFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.ApplicationEventPublisherAware
,org.springframework.context.EnvironmentAware
,org.springframework.context.MessageSourceAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class Saml2WebSsoAuthenticationFilter extends AbstractAuthenticationProcessingFilter
- Since:
- 5.2
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEFAULT_FILTER_PROCESSES_URI
-
Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
authenticationDetailsSource, eventPublisher, messages
-
-
Constructor Summary
Constructors Constructor Description Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)
Creates aSaml2WebSsoAuthenticationFilter
authentication filter that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URLSaml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, java.lang.String filterProcessesUrl)
Creates aSaml2WebSsoAuthenticationFilter
authentication filterSaml2WebSsoAuthenticationFilter(AuthenticationConverter authenticationConverter, java.lang.String filterProcessesUrl)
Creates aSaml2WebSsoAuthenticationFilter
given the provided parameters
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Authentication
attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Performs actual authentication.protected boolean
requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Indicates whether this filter should attempt to process a login request for the current invocation.void
setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)
Use the givenSaml2AuthenticationRequestRepository
to remove the saved authentication request.-
Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication
-
-
-
-
Field Detail
-
DEFAULT_FILTER_PROCESSES_URI
public static final java.lang.String DEFAULT_FILTER_PROCESSES_URI
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)
Creates aSaml2WebSsoAuthenticationFilter
authentication filter that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URL- Parameters:
relyingPartyRegistrationRepository
- - repository of configured SAML 2 entities. Required.
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, java.lang.String filterProcessesUrl)
Creates aSaml2WebSsoAuthenticationFilter
authentication filter- Parameters:
relyingPartyRegistrationRepository
- - repository of configured SAML 2 entities. Required.filterProcessesUrl
- the processing URL, must contain a {registrationId} variable. Required.
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(AuthenticationConverter authenticationConverter, java.lang.String filterProcessesUrl)
Creates aSaml2WebSsoAuthenticationFilter
given the provided parameters- Parameters:
authenticationConverter
- the strategy for converting anHttpServletRequest
into anAuthentication
filterProcessesUrl
- the processing URL- Since:
- 5.4
-
-
Method Detail
-
requiresAuthentication
protected boolean requiresAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Description copied from class:AbstractAuthenticationProcessingFilter
Indicates whether this filter should attempt to process a login request for the current invocation.It strips any parameters from the "path" section of the request URL (such as the jsessionid parameter in https://host/myapp/index.html;jsessionid=blah) before matching against the
filterProcessesUrl
property.Subclasses may override for special requirements, such as Tapestry integration.
- Overrides:
requiresAuthentication
in classAbstractAuthenticationProcessingFilter
- Returns:
true
if the filter should attempt authentication,false
otherwise.
-
attemptAuthentication
public Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException
Description copied from class:AbstractAuthenticationProcessingFilter
Performs actual authentication.The implementation should do one of the following:
- Return a populated authentication token for the authenticated user, indicating successful authentication
- Return null, indicating that the authentication process is still in progress. Before returning, the implementation should perform any additional work required to complete the process.
- Throw an AuthenticationException if the authentication process fails
- Specified by:
attemptAuthentication
in classAbstractAuthenticationProcessingFilter
- Parameters:
request
- from which to extract parameters and perform the authenticationresponse
- the response, which may be needed if the implementation has to do a redirect as part of a multi-stage authentication process (such as OpenID).- Returns:
- the authenticated user token, or null if authentication is incomplete.
- Throws:
AuthenticationException
- if authentication fails.
-
setAuthenticationRequestRepository
public void setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)
Use the givenSaml2AuthenticationRequestRepository
to remove the saved authentication request. If theauthenticationConverter
is of the typeSaml2AuthenticationTokenConverter
, theSaml2AuthenticationRequestRepository
will also be set into theauthenticationConverter
.- Parameters:
authenticationRequestRepository
- theSaml2AuthenticationRequestRepository
to use- Since:
- 5.6
-
-