Package org.springframework.security.web.authentication

Class AnonymousAuthenticationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.security.web.authentication.AnonymousAuthenticationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class AnonymousAuthenticationFilter extends org.springframework.web.filter.GenericFilterBean implements org.springframework.beans.factory.InitializingBean
Detects if there is no Authentication object in the SecurityContextHolder, and populates it with one if needed.

  • Field Summary

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger

  • Constructor Summary

    Constructors
    Constructor
    Description
    AnonymousAuthenticationFilter(String key)
    Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
    AnonymousAuthenticationFilter(String key, Object principal, List<org.springframework.security.core.GrantedAuthority> authorities)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    afterPropertiesSet()
     
    protected org.springframework.security.core.Authentication
    createAuthentication(jakarta.servlet.http.HttpServletRequest request)
     
    void
    doFilter(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, jakarta.servlet.FilterChain chain)
     
    List<org.springframework.security.core.GrantedAuthority>
    getAuthorities()
     
    Object
    getPrincipal()
     
    void
    setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?> authenticationDetailsSource)
     
    void
    setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
    Sets the SecurityContextHolderStrategy to use.

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • AnonymousAuthenticationFilter

      public AnonymousAuthenticationFilter(String key)
      Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
      Parameters:
      key - the key to identify tokens created by this filter

    • AnonymousAuthenticationFilter

      public AnonymousAuthenticationFilter(String key, Object principal, List<org.springframework.security.core.GrantedAuthority> authorities)
      Parameters:
      key - key the key to identify tokens created by this filter
      principal - the principal which will be used to represent anonymous users
      authorities - the authority list for anonymous users

  • Method Details

    • afterPropertiesSet

      public void afterPropertiesSet()
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
      Overrides:
      afterPropertiesSet in class org.springframework.web.filter.GenericFilterBean

    • doFilter

      public void doFilter(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException
      Specified by:
      doFilter in interface jakarta.servlet.Filter
      Throws:
      IOException
      jakarta.servlet.ServletException

    • createAuthentication

      protected org.springframework.security.core.Authentication createAuthentication(jakarta.servlet.http.HttpServletRequest request)

    • setAuthenticationDetailsSource

      public void setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?> authenticationDetailsSource)

    • setSecurityContextHolderStrategy

      public void setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
      Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
      Since:
      5.8

    • getPrincipal

      public Object getPrincipal()

    • getAuthorities

      public List<org.springframework.security.core.GrantedAuthority> getAuthorities()