Documentation at Security Filters leaves a lot of questions unanswered. Suggest that that section be enhanced by answering the following questions.

  • In troubleshooting scenario how to get a list of what the filter chain looks like printed to the log?
  • How to add a custom filter to the filter chain at a specific position?
  • What are some use cases where a custom filter would be needed?
  • Turn the list into a table that provides the name of the filter and a short description of what the filter does.
  • Are all the filters always present even if a specified module is not being used? for example if my app is not using SAML is the Saml2WebSsoAuthenticationFilter still present in the filter chain?
  • Is the filter chain listed in the docs configured by spring security or via spring boot auto configuration?

I believe answering the above questions in this section will make the docs much better.

Comment From: rwinch

Thanks for the report @asaikali! Would you be interested in providing a PR?