Class Saml2WebSsoAuthenticationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.ApplicationEventPublisherAware
,org.springframework.context.EnvironmentAware
,org.springframework.context.MessageSourceAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class Saml2WebSsoAuthenticationFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Since:
- 5.2
-
Field Summary
Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
authenticationDetailsSource, eventPublisher, messages
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
-
Constructor Summary
ConstructorDescriptionSaml2WebSsoAuthenticationFilter
(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) Creates aSaml2WebSsoAuthenticationFilter
authentication filter that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URLSaml2WebSsoAuthenticationFilter
(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, String filterProcessesUrl) Creates aSaml2WebSsoAuthenticationFilter
authentication filterSaml2WebSsoAuthenticationFilter
(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter) Creates aSaml2WebSsoAuthenticationFilter
that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URLSaml2WebSsoAuthenticationFilter
(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter, String filterProcessesUrl) Creates aSaml2WebSsoAuthenticationFilter
given the provided parameters -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
attemptAuthentication
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) protected boolean
requiresAuthentication
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) void
setAuthenticationRequestRepository
(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository) Use the givenSaml2AuthenticationRequestRepository
to remove the saved authentication request.Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSecurityContextHolderStrategy, setSecurityContextRepository, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Field Details
-
DEFAULT_FILTER_PROCESSES_URI
- See Also:
-
-
Constructor Details
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) Creates aSaml2WebSsoAuthenticationFilter
authentication filter that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URL- Parameters:
relyingPartyRegistrationRepository
- - repository of configured SAML 2 entities. Required.
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, String filterProcessesUrl) Creates aSaml2WebSsoAuthenticationFilter
authentication filter- Parameters:
relyingPartyRegistrationRepository
- - repository of configured SAML 2 entities. Required.filterProcessesUrl
- the processing URL, must contain a {registrationId} variable. Required.
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter) Creates aSaml2WebSsoAuthenticationFilter
that is configured to use theDEFAULT_FILTER_PROCESSES_URI
processing URL- Parameters:
authenticationConverter
- the strategy for converting anHttpServletRequest
into anAuthentication
- Since:
- 6.2
-
Saml2WebSsoAuthenticationFilter
public Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter, String filterProcessesUrl) Creates aSaml2WebSsoAuthenticationFilter
given the provided parameters- Parameters:
authenticationConverter
- the strategy for converting anHttpServletRequest
into anAuthentication
filterProcessesUrl
- the processing URL- Since:
- 5.4
-
-
Method Details
-
requiresAuthentication
protected boolean requiresAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) - Overrides:
requiresAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
attemptAuthentication
public org.springframework.security.core.Authentication attemptAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws org.springframework.security.core.AuthenticationException - Specified by:
attemptAuthentication
in classorg.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
- Throws:
org.springframework.security.core.AuthenticationException
-
setAuthenticationRequestRepository
public void setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository) Use the givenSaml2AuthenticationRequestRepository
to remove the saved authentication request. If theauthenticationConverter
is of the typeSaml2AuthenticationTokenConverter
, theSaml2AuthenticationRequestRepository
will also be set into theauthenticationConverter
.- Parameters:
authenticationRequestRepository
- theSaml2AuthenticationRequestRepository
to use- Since:
- 5.6
-