Use idiomatic Kotlin in custom filter documentation

This will make Kotlin and all users more native and readable. Closes: gh-18967 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2026-05-22 21:33:16 +00:00 · 2026-03-24 19:20:39 +03:00
parent acbf64a47d
commit c3e0b98b7e
3 changed files with 41 additions and 10 deletions
@@ -246,9 +246,15 @@ Instead of implementing `Filter`, you can extend from {spring-framework-api-url}
 Now, you need to add the filter to the <<servlet-securityfilterchain>>.
 The previous description already gives us a clue on where to add the filter, since we need to know the current user, we need to add it after the authentication filters.

-Based on the rule of thumb, add it after xref:servlet/authentication/anonymous.adoc[ `AnonymousAuthenticationFilter`], the last authentication filter in the chain, like so:
+Based on the rule of thumb, you can add it before xref:servlet/authentication/logout.adoc[`LogoutFilter`], like so:

-include-code::./SecurityConfig[tag=snippet,indent=0]
+include-code::./SecurityConfig[tag=snippet-before,indent=0]
+
+<1> Use `HttpSecurity#addFilterBefore` to add the `TenantFilter` before the `LogoutFilter`.
+
+Or after xref:servlet/authentication/anonymous.adoc[`AnonymousAuthenticationFilter`], the last authentication filter in the chain, like so:
+
+include-code::./SecurityConfig[tag=snippet-after,indent=0]

 <1> Use `HttpSecurity#addFilterAfter` to add the `TenantFilter` after the `AnonymousAuthenticationFilter`.

@@ -22,6 +22,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
+import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.test.context.ContextConfiguration;

@Configuration
@@ -29,14 +30,24 @@ import org.springframework.test.context.ContextConfiguration;
@EnableWebSecurity
 public class SecurityConfig {

-	// tag::snippet[]
+	// tag::snippet-before[]
 	@Bean
-	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+	public SecurityFilterChain filterChainBefore(HttpSecurity http) throws Exception {
+		http
+			// ...
+			.addFilterBefore(new TenantFilter(), LogoutFilter.class); // <1>
+		return http.build();
+	}
+	// end::snippet-before[]
+
+	// tag::snippet-after[]
+	@Bean
+	public SecurityFilterChain filterChainAfter(HttpSecurity http) throws Exception {
 		http
 			// ...
 			.addFilterAfter(new TenantFilter(), AnonymousAuthenticationFilter.class); // <1>
 		return http.build();
 	}
-	// end::snippet[]
+	// end::snippet-after[]

 }
@@ -20,21 +20,35 @@ import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.annotation.web.invoke
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter
+import org.springframework.security.web.authentication.logout.LogoutFilter

@Configuration
@EnableWebSecurity
 open class SecurityConfig {

-	// tag::snippet[]
+    // tag::snippet-before[]
+    @Bean
+    open fun filterChainBefore(http: HttpSecurity): SecurityFilterChain {
+        http {
+            // ...
+            addFilterBefore<LogoutFilter>(TenantFilter()) // <1>
+        }
+        return http.build()
+    }
+    // end::snippet-before[]
+
+    // tag::snippet-after[]
 	@Bean
-	open fun filterChain(http: HttpSecurity): SecurityFilterChain {
-		http
+	open fun filterChainAfter(http: HttpSecurity): SecurityFilterChain {
+		http {
 			// ...
-			.addFilterAfter(TenantFilter(), AnonymousAuthenticationFilter::class.java) // <1>
+			addFilterAfter<AnonymousAuthenticationFilter>(TenantFilter()) // <1>
+		}
 		return http.build()
 	}
-	// end::snippet[]
+    // end::snippet-after[]

 }