Class KeycloakAuthenticationProcessingFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.ApplicationContextAware
,org.springframework.context.ApplicationEventPublisherAware
,org.springframework.context.EnvironmentAware
,org.springframework.context.MessageSourceAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class KeycloakAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
implements org.springframework.context.ApplicationContextAware
Provides a Keycloak authentication processing filter.
- Version:
- $Revision: 1 $
- Author:
- Scott Rossillo
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final org.springframework.security.web.util.matcher.RequestMatcher
Request matcher that matches requests to thedefault login URI
and any request with aAuthorization
header or anadapter state cookie
.Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
authenticationDetailsSource, eventPublisher, messages
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
-
Constructor Summary
ConstructorDescriptionKeycloakAuthenticationProcessingFilter
(org.springframework.security.authentication.AuthenticationManager authenticationManager) Creates a new Keycloak authentication processing filter with givenAuthenticationManager
and thedefault request matcher
.KeycloakAuthenticationProcessingFilter
(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher) Creates a new Keycloak authentication processing filter with givenAuthenticationManager
andRequestMatcher
. -
Method Summary
Modifier and TypeMethodDescriptionvoid
org.springframework.security.core.Authentication
attemptAuthentication
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) void
setAdapterTokenStoreFactory
(AdapterTokenStoreFactory adapterTokenStoreFactory) Sets the adapter token store factory to use when creating per-request adapter token stores.final void
setAllowSessionCreation
(boolean allowSessionCreation) This filter does not support explicitly enabling session creation.void
setApplicationContext
(org.springframework.context.ApplicationContext applicationContext) final void
setContinueChainBeforeSuccessfulAuthentication
(boolean continueChainBeforeSuccessfulAuthentication) This filter does not support explicitly setting a continue chain before success policyvoid
setRequestAuthenticatorFactory
(RequestAuthenticatorFactory requestAuthenticatorFactory) Sets the request authenticator factory to use when creating per-request authenticators.protected void
successfulAuthentication
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult) protected void
unsuccessfulAuthentication
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Field Details
-
AUTHORIZATION_HEADER
- See Also:
-
DEFAULT_REQUEST_MATCHER
public static final org.springframework.security.web.util.matcher.RequestMatcher DEFAULT_REQUEST_MATCHERRequest matcher that matches requests to thedefault login URI
and any request with aAuthorization
header or anadapter state cookie
.
-
-
Constructor Details
-
KeycloakAuthenticationProcessingFilter
public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager) Creates a new Keycloak authentication processing filter with givenAuthenticationManager
and thedefault request matcher
.- Parameters:
authenticationManager
- theAuthenticationManager
to authenticate requests (cannot be null)- See Also:
-
KeycloakAuthenticationProcessingFilter
public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher) Creates a new Keycloak authentication processing filter with givenAuthenticationManager
andRequestMatcher
.Note: the given request matcher must support matching the
Authorization
header if bearer token authentication is to be accepted.- Parameters:
authenticationManager
- theAuthenticationManager
to authenticate requests (cannot be null)requiresAuthenticationRequestMatcher
- theRequestMatcher
used to determine if authentication is required (cannot be null)- See Also:
-
RequestHeaderRequestMatcher
OrRequestMatcher
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
- Overrides:
afterPropertiesSet
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
attemptAuthentication
public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws org.springframework.security.core.AuthenticationException, IOException, javax.servlet.ServletException - Specified by:
attemptAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
org.springframework.security.core.AuthenticationException
IOException
javax.servlet.ServletException
-
successfulAuthentication
protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult) throws IOException, javax.servlet.ServletException - Overrides:
successfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
IOException
javax.servlet.ServletException
-
unsuccessfulAuthentication
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) throws IOException, javax.servlet.ServletException - Overrides:
unsuccessfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
IOException
javax.servlet.ServletException
-
setApplicationContext
public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException - Specified by:
setApplicationContext
in interfaceorg.springframework.context.ApplicationContextAware
- Throws:
org.springframework.beans.BeansException
-
setAdapterTokenStoreFactory
Sets the adapter token store factory to use when creating per-request adapter token stores.- Parameters:
adapterTokenStoreFactory
- theAdapterTokenStoreFactory
to use
-
setAllowSessionCreation
public final void setAllowSessionCreation(boolean allowSessionCreation) This filter does not support explicitly enabling session creation.- Overrides:
setAllowSessionCreation
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
UnsupportedOperationException
- this filter does not support explicitly enabling session creation.
-
setContinueChainBeforeSuccessfulAuthentication
public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) This filter does not support explicitly setting a continue chain before success policy- Overrides:
setContinueChainBeforeSuccessfulAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
UnsupportedOperationException
- this filter does not support explicitly setting a continue chain before success policy
-
setRequestAuthenticatorFactory
Sets the request authenticator factory to use when creating per-request authenticators.- Parameters:
requestAuthenticatorFactory
- theRequestAuthenticatorFactory
to use
-