Package com.azure.spring.cloud.autoconfigure.aad.filter

Class AadAppRoleStatelessAuthenticationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
com.azure.spring.cloud.autoconfigure.aad.filter.AadAppRoleStatelessAuthenticationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class AadAppRoleStatelessAuthenticationFilter extends org.springframework.web.filter.OncePerRequestFilter
A stateless authentication filter which uses app roles feature of Azure Active Directory. Since it's a stateless implementation so the principal will not be stored in session. By using roles claim in the token it will not call Microsoft Graph to retrieve users' groups.
See Also:
  • OncePerRequestFilter

  • Field Summary

    Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

    ALREADY_FILTERED_SUFFIX

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger

  • Constructor Summary

    Constructors
    Constructor
    Description
    AadAppRoleStatelessAuthenticationFilter(UserPrincipalManager principalManager)
    Creates a new instance of AadAppRoleStatelessAuthenticationFilter.

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    doFilterInternal(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, jakarta.servlet.FilterChain filterChain)
    Do filter.
    protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority>
    toSimpleGrantedAuthoritySet(UserPrincipal userPrincipal)
    Converts to user principal to a set of simple granted authorities.

    Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

    doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

  • Method Details

    • doFilterInternal

      protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
      Do filter.
      Specified by:
      doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
      Parameters:
      httpServletRequest - the httpServletRequest
      httpServletResponse - the httpServletResponse
      filterChain - the filterChain
      Throws:
      jakarta.servlet.ServletException
      IOException

    • toSimpleGrantedAuthoritySet

      protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority> toSimpleGrantedAuthoritySet(UserPrincipal userPrincipal)
      Converts to user principal to a set of simple granted authorities.
      Parameters:
      userPrincipal - the user principal
      Returns:
      A set of SimpleGrantedAuthoritys