@Replaces(value=io.micronaut.management.endpoint.EndpointsFilter.class)
@Filter(value="/**")
public class SecurityFilter
extends java.lang.Object
implements io.micronaut.http.filter.HttpServerFilter
Modifier and Type | Field and Description |
---|---|
static java.lang.CharSequence |
AUTHENTICATION
The attribute used to store the authentication object in the request.
|
protected java.util.Collection<AuthenticationFetcher> |
authenticationFetchers |
static java.lang.String |
KEY |
static java.lang.CharSequence |
REJECTION
The attribute used to store if the request was rejected and why.
|
protected SecurityConfiguration |
securityConfiguration |
protected java.util.Collection<SecurityRule> |
securityRules |
static java.lang.CharSequence |
TOKEN
The attribute used to store a valid token in the request.
|
Constructor and Description |
---|
SecurityFilter(java.util.Collection<SecurityRule> securityRules,
java.util.Collection<AuthenticationFetcher> authenticationFetchers,
SecurityConfiguration securityConfiguration) |
Modifier and Type | Method and Description |
---|---|
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> |
checkRules(io.micronaut.http.HttpRequest<?> request,
io.micronaut.http.filter.ServerFilterChain chain,
io.micronaut.web.router.RouteMatch<?> routeMatch,
Authentication authentication)
Check the security rules against the provided arguments.
|
org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> |
doFilter(io.micronaut.http.HttpRequest<?> request,
io.micronaut.http.filter.ServerFilterChain chain) |
int |
getOrder() |
public static final java.lang.String KEY
public static final java.lang.CharSequence AUTHENTICATION
public static final java.lang.CharSequence REJECTION
public static final java.lang.CharSequence TOKEN
protected final java.util.Collection<SecurityRule> securityRules
protected final java.util.Collection<AuthenticationFetcher> authenticationFetchers
protected final SecurityConfiguration securityConfiguration
public SecurityFilter(java.util.Collection<SecurityRule> securityRules, java.util.Collection<AuthenticationFetcher> authenticationFetchers, SecurityConfiguration securityConfiguration)
securityRules
- The list of security rules that will allow or reject the requestauthenticationFetchers
- List of AuthenticationFetcher
beans in the context.securityConfiguration
- The security configurationpublic int getOrder()
getOrder
in interface io.micronaut.core.order.Ordered
public org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> doFilter(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain)
doFilter
in interface io.micronaut.http.filter.HttpServerFilter
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> checkRules(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain, @Nullable io.micronaut.web.router.RouteMatch<?> routeMatch, @Nullable Authentication authentication)
request
- The requestchain
- The server chainrouteMatch
- The route matchauthentication
- The authentication