1
00:00:00,240 --> 00:00:06,300
Think of a scenario where we have a business requirement inside our application where, when a user tries

2
00:00:06,300 --> 00:00:14,550
to enter his username or email in the login page, we should not accept any username or email which

3
00:00:14,550 --> 00:00:18,780
has a word WPEC inside it.

4
00:00:18,960 --> 00:00:26,340
Of course, I can validate this on the other side also, but I want to validate at the backend side so that

5
00:00:26,580 --> 00:00:34,110
if some authentication fails due to this reason, I can log it or I can write an exception into a database.

6
00:00:34,110 --> 00:00:41,670
In order to achieve this, we can write a custom filter and inject it into the Spring Security filter chain

7
00:00:41,670 --> 00:00:45,070
flow by using the addFilterBefore method.

8
00:00:45,150 --> 00:00:48,180
You can see here, for your representation purposes,

9
00:00:48,270 --> 00:00:56,250
I have defined some inbuilt filters like CorsFilter, CsrfFilter and the BasicAuthenticationFilter,

10
00:00:56,370 --> 00:00:59,790
which are provided by the Spring Security framework itself.

11
00:00:59,910 --> 00:01:08,280
So in this chain of filters, I want to inject my own custom filter, which is of request validation

12
00:01:08,280 --> 00:01:11,800
filter before the BasicAuthenticationFilter.

13
00:01:11,940 --> 00:01:19,980
So whenever we inject our own filter before a certain Spring Security framework filter, the order we

14
00:01:19,980 --> 00:01:22,530
will get is just before the number.

15
00:01:22,620 --> 00:01:29,700
So for our understanding purposes, I just defined CorsFilter, which has order one, CsrfFilter, which

16
00:01:29,700 --> 00:01:33,990
has order two, followed by my filter, which is order three.

17
00:01:34,020 --> 00:01:39,470
And at the last we have a filter which is BasicAuthenticationFilter with order four.

18
00:01:39,600 --> 00:01:46,620
So in order to achieve this, let's try to go to the backend code and try to implement a filter with

19
00:01:46,620 --> 00:01:48,320
the logic that we have discussed.

20
00:01:48,540 --> 00:01:53,570
So here I have implemented a filter, which I'll explain to you now.

21
00:01:53,580 --> 00:01:59,340
But don't worry, if you really want to check what I have written inside this filter, you can always

22
00:01:59,340 --> 00:02:03,660
download the source code from the summary of the section and explore as per your

23
00:02:03,660 --> 00:02:09,389
needs. As you can see, the very first requirement that we have to follow is we have to implement

24
00:02:09,389 --> 00:02:13,530
the Filter from the package javax.servlet.

25
00:02:13,530 --> 00:02:21,030
Inside this we need to override the method doFilter, and it receives three parameters: request,

26
00:02:21,030 --> 00:02:22,260
response and FilterChain.

27
00:02:22,680 --> 00:02:30,120
Since we want to deal with the filters, we have to convert that request, whatever we received, into the

28
00:02:30,120 --> 00:02:31,770
HttpServletRequest.

29
00:02:31,980 --> 00:02:33,800
Once we convert that, here

30
00:02:33,810 --> 00:02:39,570
what I'm trying to see is, during the initial authentication from the UI, in the interceptor that we have

31
00:02:39,570 --> 00:02:47,400
written, we are sending a header with the name Authorization and with the Base64 encoding with both

32
00:02:47,400 --> 00:02:50,800
email and the password separated by a colon.

33
00:02:50,820 --> 00:02:52,740
So this is what is happening from the UI.

34
00:02:53,040 --> 00:02:58,870
So similarly on the backend, in order to understand what is the email entered by the user, I read

35
00:02:58,890 --> 00:03:02,520
through the header with the name Authorization, and inside the header,

36
00:03:02,700 --> 00:03:09,570
if the header starts with the name Basic, which means this is my proper header where I can find my

37
00:03:09,600 --> 00:03:16,050
email and password, I can decode it using Base64 encoding and decoding.

38
00:03:16,410 --> 00:03:23,940
Once I have the decoded string, I will separate the string using the delimiter that we have used, colon,

39
00:03:23,940 --> 00:03:29,190
in the UI, and the very first string that I get from this token is email.

40
00:03:29,220 --> 00:03:34,950
And inside the email I'm just checking if I how inside it.

41
00:03:35,160 --> 00:03:42,550
If it is there, then I will generate a response which indicates bad request to the UI.

42
00:03:42,780 --> 00:03:44,460
So this is not a 401.

43
00:03:44,700 --> 00:03:50,750
It just indicates I received an invalid email to the UI application.

44
00:03:50,760 --> 00:03:55,710
So this we want to execute before actual authentication happens.

45
00:03:55,710 --> 00:04:02,290
Due to that reason, we injected this filter just before the BasicAuthenticationFilter.

46
00:04:02,430 --> 00:04:08,760
Now let's try to configure this custom filter inside our application. For the same,

47
00:04:08,790 --> 00:04:12,240
you have to come to ProjectSecurityConfig.java.

48
00:04:12,420 --> 00:04:17,070
And here this is the line that I have added to configure a filter.

49
00:04:17,279 --> 00:04:20,160
We can add this line anywhere inside this method.

50
00:04:20,399 --> 00:04:29,280
But I just added it before our antMatchers, and here I am saying you have to addFilterBefore and passing

51
00:04:29,280 --> 00:04:37,890
my own custom filter by initializing it, followed by what is the Spring Security filter I want to consider

52
00:04:38,010 --> 00:04:45,330
in order to inject my filter just before it. The filter that we want to consider is BasicAuthenticationFilter

53
00:04:45,330 --> 00:04:47,490
from the Spring Security framework

54
00:04:47,490 --> 00:04:55,070
itself. With this configuration, we inject our own custom filter into the Spring Security filter chain, and

55
00:04:55,140 --> 00:04:59,370
let's try to start the application by going to the main class

56
00:04:59,650 --> 00:05:07,240
by debugging as Java application. From the login page, let's try to perform a proper login, which is

57
00:05:07,240 --> 00:05:12,790
happy@example.com, one, two, three, four, five, and clicking Sign in. Login

58
00:05:12,790 --> 00:05:19,600
successful, as we expected, but let's try to check the console of the backend and see whether our filter

59
00:05:19,780 --> 00:05:23,580
is really added into the Spring Security filter chain.

60
00:05:23,800 --> 00:05:31,210
As you can see here, just before BasicAuthenticationFilter, our own custom filter, which is

61
00:05:31,220 --> 00:05:35,630
RequestValidationBeforeFilter, has been added to the filter chain.

62
00:05:36,040 --> 00:05:40,790
And since our email is valid, it didn't show any error.

63
00:05:41,050 --> 00:05:44,680
Let us try to log out, and this time I will enter

64
00:05:44,800 --> 00:05:50,230
AP straight example, dot com two, three, four, five is the password.

65
00:05:50,440 --> 00:05:53,920
We keep a breakpoint in our filter for your reference.

66
00:05:54,370 --> 00:05:55,500
Clicking Sign in.

67
00:05:55,670 --> 00:06:02,290
I can see here the breakpoint has been stopped here, and this is the token that we send, username, colon

68
00:06:02,290 --> 00:06:08,520
and the password, and the way we decoded it and fetching only the email part.

69
00:06:08,650 --> 00:06:18,090
And clearly my email contains now it satisfies a condition that I have written, so it will return a

70
00:06:18,340 --> 00:06:26,260
400 error, which indicates bad request to the UI, but it will not call the next filter in

71
00:06:26,260 --> 00:06:33,340
the chain because I am returning from this filter itself to the client, and you can see here in the console,

72
00:06:33,730 --> 00:06:40,930
my request has failed with the reason 400 that we returned from the backend. In this way we

73
00:06:40,930 --> 00:06:48,460
can define our own custom filter and add this before whatever predefined filter provided by the

74
00:06:48,460 --> 00:06:56,440
Spring Security framework. In the next video, let us try to add a filter after an inbuilt filter

75
00:06:56,440 --> 00:06:57,820
provided by Spring Security.

76
00:06:58,060 --> 00:06:58,510
Thank you.

77
00:06:58,510 --> 00:06:59,710
And see you in the next video. Bye.