When we hit a rest api url using digest authentication it invokes DigestAuthenticationFilter.java class
We can customise this class for some custome verification like signature or certificate. Then we need to set a result attribute to request then we use the following code.
Now we can access isVerified request attribute that set in filter class.
//CustomDigestAuthenticationFilter.java
public class CustomDigestAuthenticationFilter extends DigestAuthenticationFilter {
private static Logger logger = LoggerFactory.getLogger(CustomDigestAuthenticationFilter.class);
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
req.setAttribute("isVerified",true);
super.doFilter(req, res, chain);
}
}
Now we can access isVerified request attribute that set in filter class.
//AuthenticationController.java
@RestController
public class AuthenticationController {
@Autowired
private UserService userService;
@RequestMapping(value = "/login", method = RequestMethod.GET)
public @ResponseBody
User authenticate(HttpServletRequest request) {
User user =new User();
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
System.out.println(" Request Attribute "+request.getAttribute("isVerified"));
return user;
}
}
0 Comments