Class AadAppRoleStatelessAuthenticationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
com.azure.spring.cloud.autoconfigure.aad.filter.AadAppRoleStatelessAuthenticationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class AadAppRoleStatelessAuthenticationFilter
extends org.springframework.web.filter.OncePerRequestFilter
A stateless authentication filter which uses app roles feature of Azure Active Directory. Since it's a stateless
implementation so the principal will not be stored in session. By using roles claim in the token it will not call
Microsoft Graph to retrieve users' groups.
- See Also:
-
OncePerRequestFilter
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
-
Constructor Summary
ConstructorDescriptionAadAppRoleStatelessAuthenticationFilter
(UserPrincipalManager principalManager) Creates a new instance ofAadAppRoleStatelessAuthenticationFilter
. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilterInternal
(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, jakarta.servlet.FilterChain filterChain) Do filter.protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority>
toSimpleGrantedAuthoritySet
(UserPrincipal userPrincipal) Converts to user principal to a set of simple granted authorities.Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
AadAppRoleStatelessAuthenticationFilter
Creates a new instance ofAadAppRoleStatelessAuthenticationFilter
.- Parameters:
principalManager
- the user principal manager
-
-
Method Details
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException Do filter.- Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Parameters:
httpServletRequest
- the httpServletRequesthttpServletResponse
- the httpServletResponsefilterChain
- the filterChain- Throws:
jakarta.servlet.ServletException
IOException
-
toSimpleGrantedAuthoritySet
protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority> toSimpleGrantedAuthoritySet(UserPrincipal userPrincipal) Converts to user principal to a set of simple granted authorities.- Parameters:
userPrincipal
- the user principal- Returns:
- A set of SimpleGrantedAuthoritys
-