Example 1 with SslInfo
use of org.springframework.http.server.reactive.SslInfo in project spring-security by spring-projects.
the class ServerX509AuthenticationConverter method convert.
@Override
public Mono<Authentication> convert(ServerWebExchange exchange) {
SslInfo sslInfo = exchange.getRequest().getSslInfo();
if (sslInfo == null) {
this.logger.debug("No SslInfo provided with a request, skipping x509 authentication");
return Mono.empty();
}
if (sslInfo.getPeerCertificates() == null || sslInfo.getPeerCertificates().length == 0) {
this.logger.debug("No peer certificates found in SslInfo, skipping x509 authentication");
return Mono.empty();
}
X509Certificate clientCertificate = sslInfo.getPeerCertificates()[0];
Object principal = this.principalExtractor.extractPrincipal(clientCertificate);
return Mono.just(new PreAuthenticatedAuthenticationToken(principal, clientCertificate));
}
Also used :
PreAuthenticatedAuthenticationToken(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)
SslInfo(org.springframework.http.server.reactive.SslInfo)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
X509Certificate (java.security.cert.X509Certificate)1
SslInfo (org.springframework.http.server.reactive.SslInfo)1
PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)1
