java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

io.leandev.appfuse.security.auth.BasicAuthenticationFilter

All Implemented Interfaces:: jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class BasicAuthenticationFilter extends org.springframework.web.filter.OncePerRequestFilter

Basic Auth 認證 Filter

處理 HTTP Basic Authentication，在 DelegatingJwtAuthenticationFilter 之後執行。當請求包含 Authorization: Basic xxx header 時，解析並驗證使用者憑證。

設計特點：

與 JWT 認證共存：若 SecurityContext 已有認證，則跳過處理
整合登入鎖定機制：透過 AuthenticationManager 自動支援
支援多租戶：認證成功後 TenantContext 可從 UserDetails 取得 tenantId

使用方式（在 SecurityConfig 中配置）：

if (basicAuthEnabled) {
    http.addFilterAfter(
        new BasicAuthenticationFilter(authenticationManager, authenticationEntryPoint),
        DelegatingJwtAuthenticationFilter.class
    );
}

See Also:

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
Constructor Summary

Constructors

Constructor

Description

BasicAuthenticationFilter()
Method Summary

Modifier and Type

Method

Description

protected void

doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- BasicAuthenticationFilter
  
  public BasicAuthenticationFilter()
Method Details
- doFilterInternal
  
  protected void doFilterInternal(@NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull jakarta.servlet.http.HttpServletResponse response, @NonNull jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
  
  Specified by:
  
  doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
  
  Throws:
  
  jakarta.servlet.ServletException
  
  IOException

Class BasicAuthenticationFilter

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

Fields inherited from class org.springframework.web.filter.GenericFilterBean

Constructor Summary

Method Summary

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

Methods inherited from class org.springframework.web.filter.GenericFilterBean

Methods inherited from class Object

Constructor Details

BasicAuthenticationFilter

Method Details

doFilterInternal