Class Saml2WebSsoAuthenticationRequestFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter
- All Implemented Interfaces:
jakarta.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public class Saml2WebSsoAuthenticationRequestFilter
extends org.springframework.web.filter.OncePerRequestFilter
This
Filter formulates a
SAML 2.0
AuthnRequest (line 1968) and redirects to a configured asserting party.
It supports the HTTP-Redirect (line 520) and HTTP-POST (line 753) bindings.
By default, this Filter responds to authentication requests at the URI
/saml2/authenticate/{registrationId}. The URI template variable
{registrationId} represents the
registration identifier of the
relying party that is used for initiating the authentication request.
- Since:
- 5.2
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIXFields inherited from class org.springframework.web.filter.GenericFilterBean
logger -
Constructor Summary
ConstructorsConstructorDescriptionSaml2WebSsoAuthenticationRequestFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) Deprecated.Saml2WebSsoAuthenticationRequestFilter(Saml2AuthenticationRequestResolver authenticationRequestResolver) Construct aSaml2WebSsoAuthenticationRequestFilterwith the strategy for resolving theAuthnRequestSaml2WebSsoAuthenticationRequestFilter(Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver, Saml2AuthenticationRequestFactory authenticationRequestFactory) Construct aSaml2WebSsoAuthenticationRequestFilterwith the provided parameters -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) voidsetAuthenticationRequestFactory(Saml2AuthenticationRequestFactory authenticationRequestFactory) Deprecated.use the constructor insteadvoidsetAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository) Use the givenSaml2AuthenticationRequestRepositoryto save the authentication requestvoidsetRedirectMatcher(RequestMatcher redirectMatcher) Deprecated.Configure the request matcher in an implementation ofSaml2AuthenticationRequestResolverinsteadMethods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatchMethods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
Saml2WebSsoAuthenticationRequestFilter
@Deprecated public Saml2WebSsoAuthenticationRequestFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) Deprecated.use the constructor that takes aSaml2AuthenticationRequestFactoryConstruct aSaml2WebSsoAuthenticationRequestFilterwith the provided parameters- Parameters:
relyingPartyRegistrationRepository- a repository for relying party configurations
-
Saml2WebSsoAuthenticationRequestFilter
public Saml2WebSsoAuthenticationRequestFilter(Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver, Saml2AuthenticationRequestFactory authenticationRequestFactory) Construct aSaml2WebSsoAuthenticationRequestFilterwith the provided parameters- Parameters:
authenticationRequestContextResolver- a strategy for formulating aSaml2AuthenticationRequestContextauthenticationRequestFactory- strategy for formulating a <saml2:AuthnRequest>- Since:
- 5.4
-
Saml2WebSsoAuthenticationRequestFilter
public Saml2WebSsoAuthenticationRequestFilter(Saml2AuthenticationRequestResolver authenticationRequestResolver) Construct aSaml2WebSsoAuthenticationRequestFilterwith the strategy for resolving theAuthnRequest- Parameters:
authenticationRequestResolver- the strategy for resolving theAuthnRequest- Since:
- 5.7
-
-
Method Details
-
setAuthenticationRequestFactory
@Deprecated public void setAuthenticationRequestFactory(Saml2AuthenticationRequestFactory authenticationRequestFactory) Deprecated.use the constructor insteadUse the givenSaml2AuthenticationRequestFactoryfor formulating the SAML 2.0 AuthnRequest- Parameters:
authenticationRequestFactory- theSaml2AuthenticationRequestFactoryto use
-
setRedirectMatcher
Deprecated.Configure the request matcher in an implementation ofSaml2AuthenticationRequestResolverinsteadUse the givenRequestMatcherthat activates this filter for a given request- Parameters:
redirectMatcher- theRequestMatcherto use
-
setAuthenticationRequestRepository
public void setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository) Use the givenSaml2AuthenticationRequestRepositoryto save the authentication request- Parameters:
authenticationRequestRepository- theSaml2AuthenticationRequestRepositoryto use- Since:
- 5.6
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException - Specified by:
doFilterInternalin classorg.springframework.web.filter.OncePerRequestFilter- Throws:
jakarta.servlet.ServletExceptionIOException
-
Saml2AuthenticationRequestFactory