1
00:00:00,210 --> 00:00:06,590
In this section, let's try to discuss about filters in spring security, what is the purpose of them?

2
00:00:06,600 --> 00:00:13,500
What are inbuilt filters associated in spring security, how we can write our own custom filters based

3
00:00:13,500 --> 00:00:15,490
upon the business requirements that we have.

4
00:00:15,600 --> 00:00:22,320
So a lot of times we'll have situations outside our regular authentication and authorization inside

5
00:00:22,470 --> 00:00:23,960
our spring security flaw.

6
00:00:24,090 --> 00:00:30,480
One such requirements like I want to do an input validation, whatever the user is giving to me, like

7
00:00:30,480 --> 00:00:37,980
whether his username is valid, whether his passport is valid in terms of data validation that I want

8
00:00:37,980 --> 00:00:38,540
to perform.

9
00:00:38,670 --> 00:00:46,320
And at the same time, we may want to log audit report user details like the IP address that he's trying

10
00:00:46,320 --> 00:00:53,280
to perform, the authentication and authorization, and at the same time, encryption, decryption multifactor

11
00:00:53,280 --> 00:00:56,630
authentication like generating and order verification code.

12
00:00:56,910 --> 00:01:03,760
So all this comes under the use cases, beyond the authorisation and authentication inside any spring

13
00:01:03,780 --> 00:01:04,790
security framework.

14
00:01:05,340 --> 00:01:12,900
So in order to handle such housekeeping activities, we can use it strictly filters available in spring

15
00:01:12,900 --> 00:01:13,390
secret.

16
00:01:13,560 --> 00:01:20,100
As you may know, filters are solid concepts and the same has been leveraged by spring security as well.

17
00:01:20,430 --> 00:01:27,840
In all the previous sections that we discussed, we already saw some inbuilt filters provided by spring

18
00:01:27,840 --> 00:01:34,290
security framework, like whatever we're trying to do, authentication that will be handled by the authentication

19
00:01:34,290 --> 00:01:34,800
filter.

20
00:01:35,010 --> 00:01:37,050
The same applies for authorization.

21
00:01:37,260 --> 00:01:45,030
And if we enable and configure CSIR of cards inside of a spring security, a filter handle such requirements

22
00:01:45,030 --> 00:01:46,850
for you inside the framework.

23
00:01:46,860 --> 00:01:53,700
So basically a filter is a component which receives a request and process your logic, what you have

24
00:01:53,700 --> 00:02:01,410
written inside the filter and hand over the same request and response that it received to the four that

25
00:02:01,410 --> 00:02:02,630
filters in the chain.

26
00:02:02,850 --> 00:02:09,800
So basically we can have multiple chain of filters with an order like one, two, three, four, five,

27
00:02:10,199 --> 00:02:14,190
and those filters will be executed one by one by the framework.

28
00:02:14,610 --> 00:02:22,140
And whenever you are done with execution inside your filter, your filter will hand over to the next

29
00:02:22,140 --> 00:02:25,440
operator in the chain till it reaches to the end of the chain.

30
00:02:25,440 --> 00:02:30,810
Spring security is based upon chain of solid filters like entry.

31
00:02:30,810 --> 00:02:37,560
Spring security framework has been written based upon the filters owlet filters, which we can see in

32
00:02:37,560 --> 00:02:38,670
the next video.

33
00:02:38,970 --> 00:02:44,730
And depending on the configuration that we do, the inbuilt filters will be added or removed.

34
00:02:44,740 --> 00:02:50,790
I suppose if I confess SRF, of course those filters will be activated inside my flow.

35
00:02:50,970 --> 00:02:56,670
Otherwise those filters will not be activated by discipling security framework on top of whatever springs

36
00:02:56,670 --> 00:02:58,140
security framework provides.

37
00:02:58,140 --> 00:03:06,330
In terms of filters, we can also define our own custom filters and add them in the flow of spring security,

38
00:03:06,330 --> 00:03:13,110
authentication and authorization to handle our business housekeeping activities like input, validation,

39
00:03:13,110 --> 00:03:14,910
log tracing, auditing.

40
00:03:14,940 --> 00:03:16,950
I hope this is making sense to you.

41
00:03:17,130 --> 00:03:24,720
I'll catch you in the next video where we can see what are the inbuilt filters provided by spring security.

42
00:03:24,990 --> 00:03:25,470
Thank you.

43
00:03:25,470 --> 00:03:25,820
And by.