Class AuthenticationWebFilter
- java.lang.Object
-
- org.springframework.security.web.server.authentication.AuthenticationWebFilter
-
- All Implemented Interfaces:
org.springframework.web.server.WebFilter
- Direct Known Subclasses:
OAuth2LoginAuthenticationWebFilter
public class AuthenticationWebFilter extends java.lang.Object implements org.springframework.web.server.WebFilter
AWebFilter
that performs authentication of a particular request. An outline of the logic:- A request comes in and if it does not match
setRequiresAuthenticationMatcher(ServerWebExchangeMatcher)
, then this filter does nothing and theWebFilterChain
is continued. If it does match then... - An attempt to convert the
ServerWebExchange
into anAuthentication
is made. If the result is empty, then the filter does nothing more and theWebFilterChain
is continued. If it does create anAuthentication
... - The
ReactiveAuthenticationManager
specified inAuthenticationWebFilter(ReactiveAuthenticationManager)
is used to perform authentication. - The
ReactiveAuthenticationManagerResolver
specified inAuthenticationWebFilter(ReactiveAuthenticationManagerResolver)
is used to resolve the appropriate authentication manager from context to perform authentication. - If authentication is successful,
ServerAuthenticationSuccessHandler
is invoked and the authentication is set onReactiveSecurityContextHolder
, elseServerAuthenticationFailureHandler
is invoked
- Since:
- 5.0
-
-
Constructor Summary
Constructors Constructor Description AuthenticationWebFilter(ReactiveAuthenticationManager authenticationManager)
Creates an instanceAuthenticationWebFilter(ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver)
Creates an instance
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description reactor.core.publisher.Mono<java.lang.Void>
filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
protected reactor.core.publisher.Mono<java.lang.Void>
onAuthenticationSuccess(Authentication authentication, WebFilterExchange webFilterExchange)
void
setAuthenticationConverter(java.util.function.Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<Authentication>> authenticationConverter)
Deprecated.As of 5.1 in favor ofsetServerAuthenticationConverter(ServerAuthenticationConverter)
void
setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler)
Sets the failure handler used when authentication fails.void
setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler)
Sets the authentication success handler.void
setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher)
Sets the matcher used to determine when creating anAuthentication
fromsetServerAuthenticationConverter(ServerAuthenticationConverter)
to be authentication.void
setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository)
Sets the repository for persisting the SecurityContext.void
setServerAuthenticationConverter(ServerAuthenticationConverter authenticationConverter)
Sets the strategy used for converting from aServerWebExchange
to anAuthentication
used for authenticating with the providedReactiveAuthenticationManager
.
-
-
-
Constructor Detail
-
AuthenticationWebFilter
public AuthenticationWebFilter(ReactiveAuthenticationManager authenticationManager)
Creates an instance- Parameters:
authenticationManager
- the authentication manager to use
-
AuthenticationWebFilter
public AuthenticationWebFilter(ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver)
Creates an instance- Parameters:
authenticationManagerResolver
- the authentication manager resolver to use- Since:
- 5.3
-
-
Method Detail
-
filter
public reactor.core.publisher.Mono<java.lang.Void> filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
- Specified by:
filter
in interfaceorg.springframework.web.server.WebFilter
-
onAuthenticationSuccess
protected reactor.core.publisher.Mono<java.lang.Void> onAuthenticationSuccess(Authentication authentication, WebFilterExchange webFilterExchange)
-
setSecurityContextRepository
public void setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository)
Sets the repository for persisting the SecurityContext. Default isNoOpServerSecurityContextRepository
- Parameters:
securityContextRepository
- the repository to use
-
setAuthenticationSuccessHandler
public void setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler)
Sets the authentication success handler. Default isWebFilterChainServerAuthenticationSuccessHandler
- Parameters:
authenticationSuccessHandler
- the success handler to use
-
setAuthenticationConverter
@Deprecated public void setAuthenticationConverter(java.util.function.Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<Authentication>> authenticationConverter)
Deprecated.As of 5.1 in favor ofsetServerAuthenticationConverter(ServerAuthenticationConverter)
Sets the strategy used for converting from aServerWebExchange
to anAuthentication
used for authenticating with the providedReactiveAuthenticationManager
. If the result is empty, then it signals that no authentication attempt should be made. The default converter isServerHttpBasicAuthenticationConverter
- Parameters:
authenticationConverter
- the converter to use- See Also:
setServerAuthenticationConverter(ServerAuthenticationConverter)
-
setServerAuthenticationConverter
public void setServerAuthenticationConverter(ServerAuthenticationConverter authenticationConverter)
Sets the strategy used for converting from aServerWebExchange
to anAuthentication
used for authenticating with the providedReactiveAuthenticationManager
. If the result is empty, then it signals that no authentication attempt should be made. The default converter isServerHttpBasicAuthenticationConverter
- Parameters:
authenticationConverter
- the converter to use- Since:
- 5.1
-
setAuthenticationFailureHandler
public void setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler)
Sets the failure handler used when authentication fails. The default is to prompt for basic authentication.- Parameters:
authenticationFailureHandler
- the handler to use. Cannot be null.
-
setRequiresAuthenticationMatcher
public void setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher)
Sets the matcher used to determine when creating anAuthentication
fromsetServerAuthenticationConverter(ServerAuthenticationConverter)
to be authentication. If the converter returns an empty result, then no authentication is attempted. The default is any request- Parameters:
requiresAuthenticationMatcher
- the matcher to use. Cannot be null.
-
-