Spring Security
  1. Spring Security
  2. SEC-1160

Rename AuthenticationProcessingFilter, AuthenticationProcessingFilterEntryPoint, AbstractProcessingFilter etc

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0.0 M1
    • Component/s: Core
    • Labels:
      None

      Description

      The name AuthenticationProcessingFilter dates from a time when it was the only login mechanism available. There are now many and the names are confusing for newcomers to the framework as they are all authentication processing filters (CAS, OpenID, form-based etc). I'd suggest the following name changes (keeping the originals but deprecated for the time being).

      AbstractProcessingFilter -> AbstractAuthenticationProcessingFilter (this filter is always responsible for authentication processing)
      AuthenticationProcessingFilter -> SimpleAuthenticationProcessingFilter or UsernamePasswordAuthenticationProcessingFilter (always processes a username and password submission).
      AuthenticationProcessingFilterEntryPoint -> LoginPageUrlAuthenticationEntryPoint (redirects to a login page URL).
      PreAuthenticatedProcessingFilterEntryPoint -> Http403ForbiddenEntryPoint (always sends a 403 forbidden response).

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: