org.mitre.openid.connect.assertion

Class JWTBearerClientAssertionTokenEndpointFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

org.mitre.openid.connect.assertion.JWTBearerClientAssertionTokenEndpointFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.web.context.ServletContextAware

public class JWTBearerClientAssertionTokenEndpointFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Filter to check client authentication via JWT Bearer assertions.

Author:

jricher

Field Summary

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

authenticationDetailsSource, eventPublisher, messages

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor and Description
JWTBearerClientAssertionTokenEndpointFilter(org.springframework.security.web.util.matcher.RequestMatcher additionalMatcher)

Method Summary

Modifier and Type	Method and Description
void	afterPropertiesSet()
org.springframework.security.core.Authentication	attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Pull the assertion out of the request and send it up to the auth manager for processing.
protected void	successfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain, org.springframework.security.core.Authentication authResult)

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, unsuccessfulAuthentication

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JWTBearerClientAssertionTokenEndpointFilter

public JWTBearerClientAssertionTokenEndpointFilter(org.springframework.security.web.util.matcher.RequestMatcher additionalMatcher)

Method Detail

afterPropertiesSet

public void afterPropertiesSet()

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Overrides:

afterPropertiesSet in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

attemptAuthentication

public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request,
                                                                              javax.servlet.http.HttpServletResponse response)
                                                                       throws org.springframework.security.core.AuthenticationException,
                                                                              IOException,
                                                                              javax.servlet.ServletException

Pull the assertion out of the request and send it up to the auth manager for processing.

Specified by:

attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

org.springframework.security.core.AuthenticationException

IOException

javax.servlet.ServletException

successfulAuthentication

protected void successfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        javax.servlet.FilterChain chain,
                                        org.springframework.security.core.Authentication authResult)
                                 throws IOException,
                                        javax.servlet.ServletException

Overrides:

successfulAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

IOException

javax.servlet.ServletException