java.lang.Object

org.springframework.security.web.server.authentication.AuthenticationWebFilter

All Implemented Interfaces:: org.springframework.web.server.WebFilter

public class AuthenticationWebFilter extends Object implements org.springframework.web.server.WebFilter

A WebFilter that performs authentication of a particular request. An outline of the logic:

A request comes in and if it does not match setRequiresAuthenticationMatcher(ServerWebExchangeMatcher), then this filter does nothing and the WebFilterChain is continued. If it does match then...
An attempt to convert the ServerWebExchange into an Authentication is made. If the result is empty, then the filter does nothing more and the WebFilterChain is continued. If it does create an Authentication...
The ReactiveAuthenticationManager specified in AuthenticationWebFilter(ReactiveAuthenticationManager) is used to perform authentication.
The ReactiveAuthenticationManagerResolver specified in AuthenticationWebFilter(ReactiveAuthenticationManagerResolver) is used to resolve the appropriate authentication manager from context to perform authentication.
If authentication is successful, ServerAuthenticationSuccessHandler is invoked and the authentication is set on ReactiveSecurityContextHolder, else ServerAuthenticationFailureHandler is invoked

Since:: 5.0

Constructor Summary

Constructors

Constructor

Description

AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager)

Creates an instance

AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver)

Creates an instance
Method Summary

Modifier and Type

Method

Description

reactor.core.publisher.Mono<Void>

filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)

protected reactor.core.publisher.Mono<Void>

onAuthenticationSuccess(org.springframework.security.core.Authentication authentication, WebFilterExchange webFilterExchange)

void

setAuthenticationConverter(Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<org.springframework.security.core.Authentication>> authenticationConverter)

Deprecated.
As of 5.1 in favor of setServerAuthenticationConverter(ServerAuthenticationConverter)

void

setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler)

Sets the failure handler used when authentication fails.

void

setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler)

Sets the authentication success handler.

void

setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher)

Sets the matcher used to determine when creating an Authentication from setServerAuthenticationConverter(ServerAuthenticationConverter) to be authentication.

void

setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository)

Sets the repository for persisting the SecurityContext.

void

setServerAuthenticationConverter(ServerAuthenticationConverter authenticationConverter)

Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- AuthenticationWebFilter
  
  public AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager)
  
  Creates an instance
  
  Parameters:
  
  authenticationManager - the authentication manager to use
- AuthenticationWebFilter
  
  public AuthenticationWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver)
  
  Creates an instance
  
  Parameters:
  
  authenticationManagerResolver - the authentication manager resolver to use
  
  Since:
  
  5.3
Method Details
- filter
  
  public reactor.core.publisher.Mono<Void> filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
  
  Specified by:
  
  filter in interface org.springframework.web.server.WebFilter
- onAuthenticationSuccess
  
  protected reactor.core.publisher.Mono<Void> onAuthenticationSuccess(org.springframework.security.core.Authentication authentication, WebFilterExchange webFilterExchange)
- setSecurityContextRepository
  
  public void setSecurityContextRepository(ServerSecurityContextRepository securityContextRepository)
  
  Sets the repository for persisting the SecurityContext. Default is NoOpServerSecurityContextRepository
  
  Parameters:
  
  securityContextRepository - the repository to use
- setAuthenticationSuccessHandler
  
  public void setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler)
  
  Sets the authentication success handler. Default is WebFilterChainServerAuthenticationSuccessHandler
  
  Parameters:
  
  authenticationSuccessHandler - the success handler to use
- setAuthenticationConverter
  
  @Deprecated public void setAuthenticationConverter(Function<org.springframework.web.server.ServerWebExchange,reactor.core.publisher.Mono<org.springframework.security.core.Authentication>> authenticationConverter)
  
  Deprecated.
  As of 5.1 in favor of setServerAuthenticationConverter(ServerAuthenticationConverter)
  
  Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager. If the result is empty, then it signals that no authentication attempt should be made. The default converter is ServerHttpBasicAuthenticationConverter
  Parameters:
  
  authenticationConverter - the converter to use
  
  See Also:
  
  setServerAuthenticationConverter(ServerAuthenticationConverter)
- setServerAuthenticationConverter
  
  public void setServerAuthenticationConverter(ServerAuthenticationConverter authenticationConverter)
  
  Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager. If the result is empty, then it signals that no authentication attempt should be made. The default converter is ServerHttpBasicAuthenticationConverter
  
  Parameters:
  
  authenticationConverter - the converter to use
  
  Since:
  
  5.1
- setAuthenticationFailureHandler
  
  public void setAuthenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler)
  
  Sets the failure handler used when authentication fails. The default is to prompt for basic authentication.
  
  Parameters:
  
  authenticationFailureHandler - the handler to use. Cannot be null.
- setRequiresAuthenticationMatcher
  
  public void setRequiresAuthenticationMatcher(ServerWebExchangeMatcher requiresAuthenticationMatcher)
  
  Sets the matcher used to determine when creating an Authentication from setServerAuthenticationConverter(ServerAuthenticationConverter) to be authentication. If the converter returns an empty result, then no authentication is attempted. The default is any request
  
  Parameters:
  
  requiresAuthenticationMatcher - the matcher to use. Cannot be null.

Class AuthenticationWebFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

AuthenticationWebFilter

AuthenticationWebFilter

Method Details

filter

onAuthenticationSuccess

setSecurityContextRepository

setAuthenticationSuccessHandler

setAuthenticationConverter

setServerAuthenticationConverter

setAuthenticationFailureHandler

setRequiresAuthenticationMatcher