Module com.erudika.para.server
Package com.erudika.para.server.security.filters

Class SAMLAuthFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
com.erudika.para.server.security.filters.SAMLAuthFilter
All Implemented Interfaces:
javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class SAMLAuthFilter extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
A filter that handles authentication requests to a SAML 2.0 identity provider (IDP).
Author:
Alex Bogdanovski [[email protected]]

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    SAML_ACTION
    The default filter mapping.

  • Constructor Summary

    Constructors
    Constructor
    Description
    SAMLAuthFilter(String defaultFilterProcessesUrl)
    Default constructor.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.core.Authentication
    attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Handles an authentication request.
    UserAuthentication
    getOrCreateUser(App app, Map<String,List<String>> samlAttributes)
     

    Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

    afterPropertiesSet, doFilter, getRememberMeServices, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSecurityContextHolderStrategy, setSecurityContextRepository, setSessionAuthenticationStrategy

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    destroy, getEnvironment, getFilterConfig, init, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • SAMLAuthFilter

      public SAMLAuthFilter(String defaultFilterProcessesUrl)
      Default constructor.
      Parameters:
      defaultFilterProcessesUrl - the url of the filter

  • Method Details

    • attemptAuthentication

      public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
      Handles an authentication request.
      Specified by:
      attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
      Parameters:
      request - HTTP request
      response - HTTP response
      Returns:
      an authentication object that contains the principal object if successful.
      Throws:
      IOException - ex

    • getOrCreateUser

      public UserAuthentication getOrCreateUser(App app, Map<String,List<String>> samlAttributes) throws IOException
      Parameters:
      app - the app where the user will be created, use null for root app
      samlAttributes - SAML attibutes from response assertion
      Returns:
      UserAuthentication object or null if something went wrong
      Throws:
      IOException - ex