io.micronaut.security.filters

Class SecurityFilter

java.lang.Object

io.micronaut.security.filters.SecurityFilter

All Implemented Interfaces:

io.micronaut.core.order.Ordered, io.micronaut.http.filter.HttpFilter, io.micronaut.http.filter.HttpServerFilter

@Requires(property="micronaut.security.filter.enabled",
          notEquals="false",
          defaultValue="true")
 @Replaces(value=io.micronaut.management.endpoint.EndpointsFilter.class)
 @Filter(value="${micronaut.security.filter.pattern:/**}")
public class SecurityFilter
extends java.lang.Object
implements io.micronaut.http.filter.HttpServerFilter

Security Filter.

Since:

1.0

Author:

Sergio del Amo, Graeme Rocher

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.CharSequence	AUTHENTICATION The attribute used to store the authentication object in the request.
protected java.util.Collection<AuthenticationFetcher>	authenticationFetchers
static java.lang.String	KEY
static java.lang.CharSequence	REJECTION The attribute used to store if the request was rejected and why.
protected SecurityConfiguration	securityConfiguration
protected java.util.Collection<SecurityRule>	securityRules
static java.lang.CharSequence	TOKEN The attribute used to store a valid token in the request.

Fields inherited from interface io.micronaut.core.order.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor and Description
SecurityFilter(java.util.Collection<SecurityRule> securityRules, java.util.Collection<AuthenticationFetcher> authenticationFetchers, SecurityConfiguration securityConfiguration)

Method Summary

Modifier and Type	Method and Description
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>	checkRules(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain, io.micronaut.web.router.RouteMatch<?> routeMatch, Authentication authentication) Check the security rules against the provided arguments.
org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>	doFilter(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain)
int	getOrder()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.http.filter.HttpServerFilter

doFilter

Field Detail

KEY

public static final java.lang.String KEY

AUTHENTICATION

public static final java.lang.CharSequence AUTHENTICATION

The attribute used to store the authentication object in the request.

REJECTION

public static final java.lang.CharSequence REJECTION

The attribute used to store if the request was rejected and why.

TOKEN

public static final java.lang.CharSequence TOKEN

The attribute used to store a valid token in the request.

securityRules

protected final java.util.Collection<SecurityRule> securityRules

authenticationFetchers

protected final java.util.Collection<AuthenticationFetcher> authenticationFetchers

securityConfiguration

protected final SecurityConfiguration securityConfiguration

Constructor Detail

SecurityFilter

public SecurityFilter(java.util.Collection<SecurityRule> securityRules,
                      java.util.Collection<AuthenticationFetcher> authenticationFetchers,
                      SecurityConfiguration securityConfiguration)

Parameters:

securityRules - The list of security rules that will allow or reject the request

authenticationFetchers - List of AuthenticationFetcher beans in the context.

securityConfiguration - The security configuration

Method Detail

getOrder

public int getOrder()

Specified by:

getOrder in interface io.micronaut.core.order.Ordered

doFilter

public org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> doFilter(io.micronaut.http.HttpRequest<?> request,
                                                                                        io.micronaut.http.filter.ServerFilterChain chain)

Specified by:

doFilter in interface io.micronaut.http.filter.HttpServerFilter

checkRules

protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> checkRules(io.micronaut.http.HttpRequest<?> request,
                                                                                             io.micronaut.http.filter.ServerFilterChain chain,
                                                                                             @Nullable
                                                                                             io.micronaut.web.router.RouteMatch<?> routeMatch,
                                                                                             @Nullable
                                                                                             Authentication authentication)

Check the security rules against the provided arguments.

Parameters:

request - The request

chain - The server chain

routeMatch - The route match

authentication - The authentication

Returns:

A response publisher