Spring Security Authenticatio username and password are encrypted and transmitted from the front end to the back end

Expected Behavior

How to replace the default UsernamePasswordAuthenticationFilter。

Context

spring security version: 5.1.4

problem:

1.The encrypted username and password are encrypted and transmitted from the front end to the back end。Front-end RSA encryption。Backend authentication requires decryption first。

2.UsernamePasswordAuthenticationFilter

// Can't find how to inject into security
UsernamePasswordAuthenticationFilter

protected String obtainPassword(HttpServletRequest request) {
        return request.getParameter(passwordParameter);
    }

protected String obtainUsername(HttpServletRequest request) {
        return request.getParameter(usernameParameter);
    }

3.FormLoginConfigurer FormLoginConfigurer is final class,cannot inherit。

Constructor initialization UsernamePasswordAuthenticationFilter，No code can be changed

public FormLoginConfigurer() {
        super(new UsernamePasswordAuthenticationFilter(), null);
        usernameParameter("username");
        passwordParameter("password");
    }

4.HttpSecurity

public final class HttpSecurity {
      public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
        return getOrApply(new FormLoginConfigurer<>());
    }
}

Comment From: eleftherias

Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add more detail if you feel this is a genuine bug.