Spring Security Filters Documentation

1. SecurityContextPersistenceFilter

• Purpose: Restores or saves the SecurityContext (e.g., authentication) across requests.
• When Used: Ensures the security context is available for processing during the lifecycle of a request.
• Key Details:
  • Typically works with session-based authentication.
  • Maintains the Authentication object in the security context.

2. BearerTokenAuthenticationFilter

• Purpose: Extracts and validates JWT tokens from the Authorization header.
• When Used: Common in stateless authentication setups using JWT.
• Key Details:
  • Ensures the Bearer token is valid and trusted.
  • Injects the authenticated user's details into the security context.

How to Use:

1. Enable JWT Support:
   • Ensure the Authorization header is included in frontend requests.
2. Customization:
   • Override BearerTokenAuthenticationFilter for specific needs (e.g., extracting tokens from cookies instead of headers).

This format can be directly used in Notion for quick reference.