io.micronaut.security.filters

Class SecurityFilter

java.lang.Object

io.micronaut.http.filter.OncePerRequestHttpServerFilter

io.micronaut.security.filters.SecurityFilter

All Implemented Interfaces:

io.micronaut.core.order.Ordered, io.micronaut.http.filter.HttpFilter, io.micronaut.http.filter.HttpServerFilter

@Replaces(value=io.micronaut.management.endpoint.EndpointsFilter.class)
 @Filter(value="/**")
public class SecurityFilter
extends io.micronaut.http.filter.OncePerRequestHttpServerFilter

Security Filter.

Since:

1.0

Author:

Sergio del Amo, Graeme Rocher

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.CharSequence	AUTHENTICATION The attribute used to store the authentication object in the request.
protected java.util.Collection<AuthenticationFetcher>	authenticationFetchers
static java.lang.CharSequence	REJECTION The attribute used to store if the request was rejected and why.
protected SecurityConfiguration	securityConfiguration
protected java.util.Collection<SecurityRule>	securityRules
static java.lang.CharSequence	TOKEN The attribute used to store a valid token in the request.

Fields inherited from interface io.micronaut.core.order.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor and Description
SecurityFilter(java.util.Collection<SecurityRule> securityRules, java.util.Collection<AuthenticationFetcher> authenticationFetchers, SecurityConfiguration securityConfiguration)

Method Summary

Modifier and Type	Method and Description
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>	checkRules(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain, io.micronaut.web.router.RouteMatch<?> routeMatch, Authentication authentication) Check the security rules against the provided arguments.
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>	doFilterOnce(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain)
int	getOrder()

Methods inherited from class io.micronaut.http.filter.OncePerRequestHttpServerFilter

doFilter, getKey

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.http.filter.HttpServerFilter

doFilter

Field Detail

AUTHENTICATION

public static final java.lang.CharSequence AUTHENTICATION

The attribute used to store the authentication object in the request.

REJECTION

public static final java.lang.CharSequence REJECTION

The attribute used to store if the request was rejected and why.

TOKEN

public static final java.lang.CharSequence TOKEN

The attribute used to store a valid token in the request.

securityRules

protected final java.util.Collection<SecurityRule> securityRules

authenticationFetchers

protected final java.util.Collection<AuthenticationFetcher> authenticationFetchers

securityConfiguration

protected final SecurityConfiguration securityConfiguration

Constructor Detail

SecurityFilter

@Inject
public SecurityFilter(java.util.Collection<SecurityRule> securityRules,
                              java.util.Collection<AuthenticationFetcher> authenticationFetchers,
                              SecurityConfiguration securityConfiguration)

Parameters:

securityRules - The list of rules that will allow or reject the request

authenticationFetchers - List of AuthenticationFetcher beans in the context.

securityConfiguration - The security configuration

Method Detail

getOrder

public int getOrder()

doFilterOnce

protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> doFilterOnce(io.micronaut.http.HttpRequest<?> request,
                                                                                               io.micronaut.http.filter.ServerFilterChain chain)

Specified by:

doFilterOnce in class io.micronaut.http.filter.OncePerRequestHttpServerFilter

checkRules

protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> checkRules(io.micronaut.http.HttpRequest<?> request,
                                                                                             io.micronaut.http.filter.ServerFilterChain chain,
                                                                                             @Nullable
                                                                                             io.micronaut.web.router.RouteMatch<?> routeMatch,
                                                                                             @Nullable
                                                                                             Authentication authentication)

Check the security rules against the provided arguments.

Parameters:

request - The request

chain - The server chain

routeMatch - The route match

authentication - The authentication

Returns:

A response publisher