public class KeycloakAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
implements org.springframework.context.ApplicationContextAware
Modifier and Type | Field and Description |
---|---|
static String |
AUTHORIZATION_HEADER |
static String |
DEFAULT_LOGIN_URL |
static org.springframework.security.web.util.matcher.RequestMatcher |
DEFAULT_REQUEST_MATCHER
Request matcher that matches requests to the
default login URI
and any request with a Authorization header. |
static String |
SCHEME_BASIC |
static String |
SCHEME_BEARER |
Constructor and Description |
---|
KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
Creates a new Keycloak authentication processing filter with given
AuthenticationManager and the
default request matcher . |
KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager,
org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher)
Creates a new Keycloak authentication processing filter with given
AuthenticationManager and
RequestMatcher . |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
org.springframework.security.core.Authentication |
attemptAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
protected boolean |
isBasicAuthRequest(javax.servlet.http.HttpServletRequest request)
Returns true if the request was made with a Basic authentication authorization header.
|
protected boolean |
isBearerTokenRequest(javax.servlet.http.HttpServletRequest request)
Returns true if the request was made with a bearer token authorization header.
|
void |
setAdapterTokenStoreFactory(AdapterTokenStoreFactory adapterTokenStoreFactory)
Sets the adapter token store factory to use when creating per-request adapter token stores.
|
void |
setAllowSessionCreation(boolean allowSessionCreation)
This filter does not support explicitly enabling session creation.
|
void |
setApplicationContext(org.springframework.context.ApplicationContext applicationContext) |
void |
setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
This filter does not support explicitly setting a continue chain before success policy
|
protected void |
successfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain,
org.springframework.security.core.Authentication authResult) |
protected void |
unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
org.springframework.security.core.AuthenticationException failed) |
doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getFilterProcessesUrl, getRememberMeServices, getSuccessHandler, requiresAuthentication, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication
public static final String DEFAULT_LOGIN_URL
public static final String AUTHORIZATION_HEADER
public static final String SCHEME_BEARER
public static final String SCHEME_BASIC
public static final org.springframework.security.web.util.matcher.RequestMatcher DEFAULT_REQUEST_MATCHER
default login URI
and any request with a Authorization
header.public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
AuthenticationManager
and the
default request matcher
.authenticationManager
- the AuthenticationManager
to authenticate requests (cannot be null)DEFAULT_REQUEST_MATCHER
public KeycloakAuthenticationProcessingFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher)
AuthenticationManager
and
RequestMatcher
.
Note: the given request matcher must support matching the Authorization
header if
bearer token authentication is to be accepted.
authenticationManager
- the AuthenticationManager
to authenticate requests (cannot be null)requiresAuthenticationRequestMatcher
- the RequestMatcher
used to determine if authentication
is required (cannot be null)RequestHeaderRequestMatcher
,
OrRequestMatcher
public void afterPropertiesSet()
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
afterPropertiesSet
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws org.springframework.security.core.AuthenticationException, IOException, javax.servlet.ServletException
attemptAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
org.springframework.security.core.AuthenticationException
IOException
javax.servlet.ServletException
protected boolean isBearerTokenRequest(javax.servlet.http.HttpServletRequest request)
request
- the current HttpServletRequest
true
if the request
was made with a bearer token authorization header;
false
otherwise.protected boolean isBasicAuthRequest(javax.servlet.http.HttpServletRequest request)
request
- the current HttpServletRequest
true
if the request
was made with a Basic authentication authorization header;
false
otherwise.protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult) throws IOException, javax.servlet.ServletException
successfulAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
IOException
javax.servlet.ServletException
protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) throws IOException, javax.servlet.ServletException
unsuccessfulAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
IOException
javax.servlet.ServletException
public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException
setApplicationContext
in interface org.springframework.context.ApplicationContextAware
org.springframework.beans.BeansException
public void setAdapterTokenStoreFactory(AdapterTokenStoreFactory adapterTokenStoreFactory)
adapterTokenStoreFactory
- the AdapterTokenStoreFactory
to usepublic final void setAllowSessionCreation(boolean allowSessionCreation)
setAllowSessionCreation
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
UnsupportedOperationException
- this filter does not support explicitly enabling session creation.public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
setContinueChainBeforeSuccessfulAuthentication
in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
UnsupportedOperationException
- this filter does not support explicitly setting a continue chain before success policyCopyright © 2016 JBoss by Red Hat. All rights reserved.