Package org.springframework.security.saml2.provider.service.web.authentication

Class Saml2WebSsoAuthenticationFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter

All Implemented Interfaces:

jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class Saml2WebSsoAuthenticationFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Since:

5.2

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEFAULT_FILTER_PROCESSES_URI

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

authenticationDetailsSource, eventPublisher, messages

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor	Description
Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)	Creates a Saml2WebSsoAuthenticationFilter authentication filter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL
Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, String filterProcessesUrl)	Creates a Saml2WebSsoAuthenticationFilter authentication filter
Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)	Creates a Saml2WebSsoAuthenticationFilter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL
Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter, String filterProcessesUrl)	Creates a Saml2WebSsoAuthenticationFilter given the provided parameters

Method Summary

Modifier and Type	Method	Description
org.springframework.security.core.Authentication	attemptAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
protected boolean	requiresAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
void	setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)	Use the given Saml2AuthenticationRequestRepository to remove the saved authentication request.
void	setContinueChainWhenNoRelyingPartyRegistrationFound(boolean continueChain)	Indicate whether to continue with the rest of the filter chain in the event that no relying party registration is found.

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationConverter, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSecurityContextHolderStrategy, setSecurityContextRepository, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

DEFAULT_FILTER_PROCESSES_URI

public static final String DEFAULT_FILTER_PROCESSES_URI

See Also:

• Constant Field Values

Constructor Details

Saml2WebSsoAuthenticationFilter

public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository)

Creates a Saml2WebSsoAuthenticationFilter authentication filter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL

Parameters:

relyingPartyRegistrationRepository - - repository of configured SAML 2 entities. Required.

Saml2WebSsoAuthenticationFilter

public Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository,
 String filterProcessesUrl)

Creates a Saml2WebSsoAuthenticationFilter authentication filter

Parameters:

relyingPartyRegistrationRepository - - repository of configured SAML 2 entities. Required.

filterProcessesUrl - the processing URL, must contain a {registrationId} variable. Required.

Saml2WebSsoAuthenticationFilter

public Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)

Creates a Saml2WebSsoAuthenticationFilter that is configured to use the DEFAULT_FILTER_PROCESSES_URI processing URL

Parameters:

authenticationConverter - the strategy for converting an HttpServletRequest into an Authentication

Since:

6.2

Saml2WebSsoAuthenticationFilter

public Saml2WebSsoAuthenticationFilter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter,
 String filterProcessesUrl)

Creates a Saml2WebSsoAuthenticationFilter given the provided parameters

Parameters:

authenticationConverter - the strategy for converting an HttpServletRequest into an Authentication

filterProcessesUrl - the processing URL

Since:

5.4

Method Details

requiresAuthentication

protected boolean requiresAuthentication(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Overrides:

requiresAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

attemptAuthentication

public org.springframework.security.core.Authentication attemptAuthentication(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                                                                       throws org.springframework.security.core.AuthenticationException

Overrides:

attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

org.springframework.security.core.AuthenticationException

setAuthenticationRequestRepository

public void setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository)

Use the given Saml2AuthenticationRequestRepository to remove the saved authentication request. If the authenticationConverter is of the type Saml2AuthenticationTokenConverter, the Saml2AuthenticationRequestRepository will also be set into the authenticationConverter.

Parameters:

authenticationRequestRepository - the Saml2AuthenticationRequestRepository to use

Since:

5.6

setContinueChainWhenNoRelyingPartyRegistrationFound

public void setContinueChainWhenNoRelyingPartyRegistrationFound(boolean continueChain)

Indicate whether to continue with the rest of the filter chain in the event that no relying party registration is found. This is false by default, meaning that it will throw an exception.

Parameters:

continueChain - whether to continue

Since:

6.5