Home > Mobile >  Custom Authentication Processing Filter Location in SecurityFilterChain?
Custom Authentication Processing Filter Location in SecurityFilterChain?

Time:02-02

I have a custom implementation of AbstractAuthenticationProcessingFilter that I need to manually insert in the Security Filter Chain. I've seen multiple tutorials, each saying to insert it before or after a different filter in the chain.

Is there a definitive answer on where this filter is supposed to be placed? Or, at least, a rule of thumb that can help figure it out?

Visual reference below:

@Bean
public void SecurityFilterChain configure(HttpSecurity http) {

    MyAuthenticationProcessingFilter filter = new MyAuthenticationProcessingFilter();

    http
        .addFilterBefore(filter, WhateverFilter.class);

    // rest of configuration here

}

CodePudding user response:

maybe you can define a AuthenticationProvider bean to process an authentication

@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

}

CodePudding user response:

Per the documentation, implementations of AbstractAuthenticationProcessingFilter are placed between ConcurrentSessionFilter and SecurityContextHolderAwareRequestFilter

Page link:https//www.codepudding.com/Mobile/690753.html

Prev:How to disable logging for Spring RestTemplate
Next:How do I pass bearer token and other info from Spring Service to Grpc Interceptor?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding