Package org.springframework.security.saml2.provider.service.web.authentication

Class Saml2WebSsoAuthenticationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class Saml2WebSsoAuthenticationFilter extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Since:
5.2

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    DEFAULT_FILTER_PROCESSES_URI
     

    Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

    authenticationDetailsSource, eventPublisher, messages

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger

  • Constructor Summary

    Constructors
    Constructor
    Description
    Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)
    Creates a Saml2WebSsoAuthenticationFilter authentication filter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL
    Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, String filterProcessesUrl)
    Creates a Saml2WebSsoAuthenticationFilter authentication filter
    Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter, String filterProcessesUrl)
    Creates a Saml2WebSsoAuthenticationFilter given the provided parameters

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.core.Authentication
    attemptAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
     
    protected boolean
    requiresAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
     
    void
    setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)
    Use the given Saml2AuthenticationRequestRepository to remove the saved authentication request.

    Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

    afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSecurityContextHolderStrategy, setSecurityContextRepository, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • Saml2WebSsoAuthenticationFilter

      public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)
      Creates a Saml2WebSsoAuthenticationFilter authentication filter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL
      Parameters:
      relyingPartyRegistrationRepository - - repository of configured SAML 2 entities. Required.

    • Saml2WebSsoAuthenticationFilter

      public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, String filterProcessesUrl)
      Creates a Saml2WebSsoAuthenticationFilter authentication filter
      Parameters:
      relyingPartyRegistrationRepository - - repository of configured SAML 2 entities. Required.
      filterProcessesUrl - the processing URL, must contain a {registrationId} variable. Required.

    • Saml2WebSsoAuthenticationFilter

      public Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter, String filterProcessesUrl)
      Creates a Saml2WebSsoAuthenticationFilter given the provided parameters
      Parameters:
      authenticationConverter - the strategy for converting an HttpServletRequest into an Authentication
      filterProcessesUrl - the processing URL
      Since:
      5.4

  • Method Details

    • requiresAuthentication

      protected boolean requiresAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Overrides:
      requiresAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

    • attemptAuthentication

      public org.springframework.security.core.Authentication attemptAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws org.springframework.security.core.AuthenticationException
      Specified by:
      attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
      Throws:
      org.springframework.security.core.AuthenticationException

    • setAuthenticationRequestRepository

      public void setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)
      Use the given Saml2AuthenticationRequestRepository to remove the saved authentication request. If the authenticationConverter is of the type Saml2AuthenticationTokenConverter, the Saml2AuthenticationRequestRepository will also be set into the authenticationConverter.
      Parameters:
      authenticationRequestRepository - the Saml2AuthenticationRequestRepository to use
      Since:
      5.6