com.microsoft.azure.spring.autoconfigure.aad

Class AADAppRoleStatelessAuthenticationFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

com.microsoft.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class AADAppRoleStatelessAuthenticationFilter
extends org.springframework.web.filter.OncePerRequestFilter

A stateless authentication filter which uses app roles feature of Azure Active Directory. Since it's a stateless implementation so the principal will not be stored in session. By using roles claim in the token it will not call Microsoft Graph to retrieve users' groups.

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor and Description
AADAppRoleStatelessAuthenticationFilter(UserPrincipalManager principalManager)

Method Summary

Modifier and Type	Method and Description
protected void	doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority>	rolesToGrantedAuthorities(net.minidev.json.JSONArray roles)

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AADAppRoleStatelessAuthenticationFilter

public AADAppRoleStatelessAuthenticationFilter(UserPrincipalManager principalManager)

Method Detail

doFilterInternal

protected void doFilterInternal(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                IOException

Specified by:

doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter

Throws:

javax.servlet.ServletException

IOException

rolesToGrantedAuthorities

protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority> rolesToGrantedAuthorities(net.minidev.json.JSONArray roles)