One time token authentication filter should be its own class #16539

Kehrlann · 2025-02-05T11:19:02Z

Expected Behavior

Authentication processing for one-time login token should happen in a dedicated filter class.

(Discussed with @rwinch)

Current Behavior

Authentication processing happens in an undifferentiated instance of AuthenticationFilter, see OneTimeTokenLoginConfigurer.

Context

This will help implement gh-16414 .

The text was updated successfully, but these errors were encountered:

closes spring-projectsgh-16539 Signed-off-by: Daniel Garnier-Moiroux <[email protected]>

Kehrlann added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Feb 5, 2025

Kehrlann added a commit to Kehrlann/spring-security that referenced this issue Feb 5, 2025

Introduce OneTimeTokenAuthenticationFilter

2d72856

closes spring-projectsgh-16539 Signed-off-by: Daniel Garnier-Moiroux <[email protected]>

Kehrlann mentioned this issue Feb 5, 2025

One Time Token login registers the default login page #16480

Merged

rwinch closed this as completed in 5ee6b83 Feb 10, 2025

rwinch self-assigned this Feb 10, 2025

rwinch added in: web An issue in web modules (web, webmvc) and removed status: waiting-for-triage An issue we've not yet triaged labels Feb 10, 2025

rwinch added this to the 6.5.0-M2 milestone Feb 10, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

One time token authentication filter should be its own class #16539

One time token authentication filter should be its own class #16539

Kehrlann commented Feb 5, 2025 •

edited

Loading

One time token authentication filter should be its own class #16539

One time token authentication filter should be its own class #16539

Comments

Kehrlann commented Feb 5, 2025 • edited Loading

Kehrlann commented Feb 5, 2025 •

edited

Loading