One time token authentication filter should be its own class

**Expected Behavior**

Authentication processing for one-time login token should happen in a dedicated filter class.

(Discussed with @rwinch)

**Current Behavior**

Authentication processing happens in an undifferentiated instance of `AuthenticationFilter`, see [OneTimeTokenLoginConfigurer](https://github.com/spring-projects/spring-security/blob/f7e0f7fa8aa0973999f26ced4a9b4cec923f0f68/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ott/OneTimeTokenLoginConfigurer.java#L120-L129).

**Context**

This will help implement gh-16414 .

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

One time token authentication filter should be its own class #16539

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

One time token authentication filter should be its own class #16539

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions