Package io.micronaut.security.filters
Class SecurityFilter
java.lang.Object
io.micronaut.security.filters.SecurityFilter
- All Implemented Interfaces:
io.micronaut.core.order.Ordered,io.micronaut.http.filter.HttpFilter,io.micronaut.http.filter.HttpServerFilter
@Requires(property="micronaut.security.filter.enabled",
notEquals="false",
defaultValue="true")
@Replaces(io.micronaut.management.endpoint.EndpointsFilter.class)
@Filter("${micronaut.security.filter.pattern:/**}")
public class SecurityFilter
extends Object
implements io.micronaut.http.filter.HttpServerFilter
Security Filter.
- Since:
- 1.0
- Author:
- Sergio del Amo, Graeme Rocher
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final CharSequenceThe attribute used to store the authentication object in the request.protected final Collection<AuthenticationFetcher>static final Stringstatic final CharSequenceThe attribute used to store if the request was rejected and why.protected final SecurityConfigurationprotected final Collection<SecurityRule>static final CharSequenceThe attribute used to store a valid token in the request.Fields inherited from interface io.micronaut.core.order.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE -
Constructor Summary
ConstructorsConstructorDescriptionSecurityFilter(Collection<SecurityRule> securityRules, Collection<AuthenticationFetcher> authenticationFetchers, SecurityConfiguration securityConfiguration) -
Method Summary
Modifier and TypeMethodDescriptionprotected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>checkRules(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain, io.micronaut.web.router.RouteMatch<?> routeMatch, Authentication authentication) Check the security rules against the provided arguments.org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>>doFilter(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain) intgetOrder()Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.micronaut.http.filter.HttpServerFilter
doFilter
-
Field Details
-
KEY
-
AUTHENTICATION
The attribute used to store the authentication object in the request. -
REJECTION
The attribute used to store if the request was rejected and why. -
TOKEN
The attribute used to store a valid token in the request. -
securityRules
-
authenticationFetchers
-
securityConfiguration
-
-
Constructor Details
-
SecurityFilter
public SecurityFilter(Collection<SecurityRule> securityRules, Collection<AuthenticationFetcher> authenticationFetchers, SecurityConfiguration securityConfiguration) - Parameters:
securityRules- The list of security rules that will allow or reject the requestauthenticationFetchers- List ofAuthenticationFetcherbeans in the context.securityConfiguration- The security configuration
-
-
Method Details
-
getOrder
public int getOrder()- Specified by:
getOrderin interfaceio.micronaut.core.order.Ordered
-
doFilter
public org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> doFilter(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain) - Specified by:
doFilterin interfaceio.micronaut.http.filter.HttpServerFilter
-
checkRules
protected org.reactivestreams.Publisher<io.micronaut.http.MutableHttpResponse<?>> checkRules(io.micronaut.http.HttpRequest<?> request, io.micronaut.http.filter.ServerFilterChain chain, @Nullable io.micronaut.web.router.RouteMatch<?> routeMatch, @Nullable Authentication authentication) Check the security rules against the provided arguments.- Parameters:
request- The requestchain- The server chainrouteMatch- The route matchauthentication- The authentication- Returns:
- A response publisher
-