Class KeycloakAuthenticationProcessingFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.ApplicationContextAware
,org.springframework.context.ApplicationEventPublisherAware
,org.springframework.context.EnvironmentAware
,org.springframework.context.MessageSourceAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class KeycloakAuthenticationProcessingFilter extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter implements org.springframework.context.ApplicationContextAware
Provides a Keycloak authentication processing filter.- Version:
- $Revision: 1 $
- Author:
- Scott Rossillo
-
-
Field Summary
Fields Modifier and Type Field Description static String
AUTHORIZATION_HEADER
static org.springframework.security.web.util.matcher.RequestMatcher
DEFAULT_REQUEST_MATCHER
Request matcher that matches requests to thedefault login URI
and any request with aAuthorization
header or anadapter state cookie
.
-
Constructor Summary
Constructors Constructor Description KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
Creates a new Keycloak authentication processing filter with givenAuthenticationManager
and thedefault request matcher
.KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher)
Creates a new Keycloak authentication processing filter with givenAuthenticationManager
andRequestMatcher
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
afterPropertiesSet()
org.springframework.security.core.Authentication
attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
void
setAdapterTokenStoreFactory(AdapterTokenStoreFactory adapterTokenStoreFactory)
Sets the adapter token store factory to use when creating per-request adapter token stores.void
setAllowSessionCreation(boolean allowSessionCreation)
This filter does not support explicitly enabling session creation.void
setApplicationContext(org.springframework.context.ApplicationContext applicationContext)
void
setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
This filter does not support explicitly setting a continue chain before success policyvoid
setRequestAuthenticatorFactory(RequestAuthenticatorFactory requestAuthenticatorFactory)
Sets the request authenticator factory to use when creating per-request authenticators.protected void
successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult)
protected void
unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed)
-
Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy
-
-
-
-
Field Detail
-
AUTHORIZATION_HEADER
public static final String AUTHORIZATION_HEADER
- See Also:
- Constant Field Values
-
DEFAULT_REQUEST_MATCHER
public static final org.springframework.security.web.util.matcher.RequestMatcher DEFAULT_REQUEST_MATCHER
Request matcher that matches requests to thedefault login URI
and any request with aAuthorization
header or anadapter state cookie
.
-
-
Constructor Detail
-
KeycloakAuthenticationProcessingFilter
public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
Creates a new Keycloak authentication processing filter with givenAuthenticationManager
and thedefault request matcher
.- Parameters:
authenticationManager
- theAuthenticationManager
to authenticate requests (cannot be null)- See Also:
DEFAULT_REQUEST_MATCHER
-
KeycloakAuthenticationProcessingFilter
public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher)
Creates a new Keycloak authentication processing filter with givenAuthenticationManager
andRequestMatcher
.Note: the given request matcher must support matching the
Authorization
header if bearer token authentication is to be accepted.- Parameters:
authenticationManager
- theAuthenticationManager
to authenticate requests (cannot be null)requiresAuthenticationRequestMatcher
- theRequestMatcher
used to determine if authentication is required (cannot be null)- See Also:
RequestHeaderRequestMatcher
,OrRequestMatcher
-
-
Method Detail
-
afterPropertiesSet
public void afterPropertiesSet()
- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
- Overrides:
afterPropertiesSet
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
attemptAuthentication
public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws org.springframework.security.core.AuthenticationException, IOException, javax.servlet.ServletException
- Specified by:
attemptAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
org.springframework.security.core.AuthenticationException
IOException
javax.servlet.ServletException
-
successfulAuthentication
protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult) throws IOException, javax.servlet.ServletException
- Overrides:
successfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
IOException
javax.servlet.ServletException
-
unsuccessfulAuthentication
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) throws IOException, javax.servlet.ServletException
- Overrides:
unsuccessfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
IOException
javax.servlet.ServletException
-
setApplicationContext
public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException
- Specified by:
setApplicationContext
in interfaceorg.springframework.context.ApplicationContextAware
- Throws:
org.springframework.beans.BeansException
-
setAdapterTokenStoreFactory
public void setAdapterTokenStoreFactory(AdapterTokenStoreFactory adapterTokenStoreFactory)
Sets the adapter token store factory to use when creating per-request adapter token stores.- Parameters:
adapterTokenStoreFactory
- theAdapterTokenStoreFactory
to use
-
setAllowSessionCreation
public final void setAllowSessionCreation(boolean allowSessionCreation)
This filter does not support explicitly enabling session creation.- Overrides:
setAllowSessionCreation
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
UnsupportedOperationException
- this filter does not support explicitly enabling session creation.
-
setContinueChainBeforeSuccessfulAuthentication
public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
This filter does not support explicitly setting a continue chain before success policy- Overrides:
setContinueChainBeforeSuccessfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
UnsupportedOperationException
- this filter does not support explicitly setting a continue chain before success policy
-
setRequestAuthenticatorFactory
public void setRequestAuthenticatorFactory(RequestAuthenticatorFactory requestAuthenticatorFactory)
Sets the request authenticator factory to use when creating per-request authenticators.- Parameters:
requestAuthenticatorFactory
- theRequestAuthenticatorFactory
to use
-
-