What is the " authentication.setDetails(...) " in the custom Filter used for ?

[sunkant]

Hi, I want to say this project is really good and it illuminates on how back-end Spring Security supports token based authentication.

But I want to ask, in the "AuthenticationTokenProcessingFilter", there is a line:

authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest));

It seems this line is to load the Session info for current request for the server side. However, as we all know, this project relies on token based authentication, and hence loading the session in the server is no use any more (I guess loading the session here is essential if we use the traditional session_id authentication).

And if I remove this line from the source and run this project, the authentication works normal, good as well.

So I just want to clarify the use of this line here.

The project is not updated for long, but I think this project illuminates much about token based authentication in Spring Java, which rare projects in Github cover and explain clearly like this one, so I am very thankful, and I am digging into this project.

Anyone helps on this? Thank you!

[philipsorst]

You are absolutely right. This is not needed here and I forgot to remove it.

[sunkant]

Thanks.

[hemeda3]

Thank you, that's what I was looking for ❤️