SecurityFilter (micronaut 1.1.0 API)

java.lang.Object
- io.micronaut.http.filter.OncePerRequestHttpServerFilter
- - io.micronaut.security.filters.SecurityFilter

All Implemented Interfaces:

Ordered, HttpFilter, HttpServerFilter
```
@Filter(value="/**")
public class SecurityFilter
extends OncePerRequestHttpServerFilter
```
Security Filter.

Since:

1.0

Author:

Sergio del Amo, Graeme Rocher

Field Summary

Fields
Modifier and Type	Field and Description
`static CharSequence`	`AUTHENTICATION` The attribute used to store the authentication object in the request.
`protected Collection<AuthenticationFetcher>`	`authenticationFetchers`
`protected Integer`	`order` The order of the Security Filter.
`static CharSequence`	`REJECTION` The attribute used to store if the request was rejected and why.
`protected RejectionHandler`	`rejectionHandler`
`protected Collection<SecurityRule>`	`securityRules`
`static CharSequence`	`TOKEN` The attribute used to store a valid token in the request.

Fields inherited from interface io.micronaut.core.order.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors
Constructor and Description
`SecurityFilter(Collection<SecurityRule> securityRules, Collection<AuthenticationFetcher> authenticationFetchers, RejectionHandler rejectionHandler, SecurityFilterOrderProvider securityFilterOrderProvider)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected Publisher<MutableHttpResponse<?>>`	`checkRules(HttpRequest<?> request, ServerFilterChain chain, RouteMatch routeMatch, Map<String,Object> attributes, boolean forbidden)` Check the security rules against the provided arguments.
`protected Publisher<MutableHttpResponse<?>>`	`doFilterOnce(HttpRequest<?> request, ServerFilterChain chain)`
`int`	`getOrder()`

Methods inherited from class io.micronaut.http.filter.OncePerRequestHttpServerFilter
doFilter, getKey

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.http.filter.HttpServerFilter
doFilter

Field Detail

AUTHENTICATION
```
public static final CharSequence AUTHENTICATION
```
The attribute used to store the authentication object in the request.

REJECTION
```
public static final CharSequence REJECTION
```
The attribute used to store if the request was rejected and why.

TOKEN
```
public static final CharSequence TOKEN
```
The attribute used to store a valid token in the request.

order
```
protected final Integer order
```
The order of the Security Filter.

securityRules

protected final Collection<SecurityRule> securityRules

authenticationFetchers

protected final Collection<AuthenticationFetcher> authenticationFetchers

rejectionHandler

protected final RejectionHandler rejectionHandler

Constructor Detail

SecurityFilter

public SecurityFilter(Collection<SecurityRule> securityRules,
                      Collection<AuthenticationFetcher> authenticationFetchers,
                      RejectionHandler rejectionHandler,
                      @Nullable
                      SecurityFilterOrderProvider securityFilterOrderProvider)

Parameters:: securityRules - The list of rules that will allow or reject the request; authenticationFetchers - List of AuthenticationFetcher beans in the context.; rejectionHandler - Bean which handles routes which need to be rejected; securityFilterOrderProvider - filter order provider

Method Detail

getOrder
```
public int getOrder()
```
Returns:

The order of the object. Defaults to zero (no order).

doFilterOnce

protected Publisher<MutableHttpResponse<?>> doFilterOnce(HttpRequest<?> request,
                                                         ServerFilterChain chain)

Specified by:: doFilterOnce in class OncePerRequestHttpServerFilter
Parameters:: request - The HttpRequest instance; chain - The ServerFilterChain instance
Returns:: A Publisher for the Http response

checkRules

protected Publisher<MutableHttpResponse<?>> checkRules(HttpRequest<?> request,
                                                       ServerFilterChain chain,
                                                       @Nullable
                                                       RouteMatch routeMatch,
                                                       @Nullable
                                                       Map<String,Object> attributes,
                                                       boolean forbidden)

Check the security rules against the provided arguments.

Parameters:: request - The request; chain - The server chain; routeMatch - The route match; attributes - The authentication attributes; forbidden - Whether a rejection should be forbidden
Returns:: A response publisher

Class SecurityFilter

Field Summary

Fields inherited from interface io.micronaut.core.order.Ordered

Constructor Summary

Method Summary

Methods inherited from class io.micronaut.http.filter.OncePerRequestHttpServerFilter

Methods inherited from class java.lang.Object

Methods inherited from interface io.micronaut.http.filter.HttpServerFilter

Field Detail

AUTHENTICATION

REJECTION

TOKEN

order

securityRules

authenticationFetchers

rejectionHandler

Constructor Detail

SecurityFilter

Method Detail

getOrder

doFilterOnce

checkRules