Package org.apache.fineract.infrastructure.security.filter

Class TenantAwareBasicAuthenticationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.web.authentication.www.BasicAuthenticationFilter
org.apache.fineract.infrastructure.security.filter.TenantAwareBasicAuthenticationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class TenantAwareBasicAuthenticationFilter extends org.springframework.security.web.authentication.www.BasicAuthenticationFilter
A customised version of spring security's BasicAuthenticationFilter. This filter is responsible for extracting multi-tenant and basic auth credentials from the request and checking that the details provided are valid. If multi-tenant and basic auth credentials are valid, the details of the tenant are stored in FineractPlatformTenant and stored in a ThreadLocal variable for this request using ThreadLocalContextUtil. If multi-tenant and basic auth credentials are invalid, a http error response is returned.

  • Field Summary

    Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

    ALREADY_FILTERED_SUFFIX

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger

  • Constructor Summary

    Constructors
    Constructor
    Description
    TenantAwareBasicAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint, org.apache.fineract.infrastructure.core.serialization.ToApiJsonSerializer<PlatformRequestLog> toApiJsonSerializer, org.apache.fineract.infrastructure.configuration.domain.ConfigurationDomainService configurationDomainService, org.apache.fineract.infrastructure.cache.service.CacheWritePlatformService cacheWritePlatformService, UserNotificationService userNotificationService, BasicAuthTenantDetailsService basicAuthTenantDetailsService, org.apache.fineract.infrastructure.businessdate.service.BusinessDateReadPlatformService businessDateReadPlatformService)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)
     
    protected void
    onSuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authResult)
     

    Methods inherited from class org.springframework.security.web.authentication.www.BasicAuthenticationFilter

    afterPropertiesSet, authenticationIsRequired, getAuthenticationEntryPoint, getAuthenticationManager, getCredentialsCharset, isIgnoreFailure, onUnsuccessfulAuthentication, setAuthenticationConverter, setAuthenticationDetailsSource, setCredentialsCharset, setRememberMeServices, setSecurityContextHolderStrategy, setSecurityContextRepository

    Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

    doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • TenantAwareBasicAuthenticationFilter

      public TenantAwareBasicAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint, org.apache.fineract.infrastructure.core.serialization.ToApiJsonSerializer<PlatformRequestLog> toApiJsonSerializer, org.apache.fineract.infrastructure.configuration.domain.ConfigurationDomainService configurationDomainService, org.apache.fineract.infrastructure.cache.service.CacheWritePlatformService cacheWritePlatformService, UserNotificationService userNotificationService, BasicAuthTenantDetailsService basicAuthTenantDetailsService, org.apache.fineract.infrastructure.businessdate.service.BusinessDateReadPlatformService businessDateReadPlatformService)

  • Method Details

    • doFilterInternal

      protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
      Overrides:
      doFilterInternal in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
      Throws:
      jakarta.servlet.ServletException
      IOException

    • onSuccessfulAuthentication

      protected void onSuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authResult) throws IOException
      Overrides:
      onSuccessfulAuthentication in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
      Throws:
      IOException