Spring Security allows for a number of customizations. The default pages produced by Spring Security, such as login form, logout form, and so on, can be fully customized in all aspects suiting your application's brand. If you would like to tweak Spring Security's default execution, implementing your own filter is appropriate. Since Spring Security depends heavily on filters to achieve its functionality, let's look at the customization opportunity in this.
In addition, almost all parts of Spring Security can be customized by using your own classes, and then plugged into the Spring Security default flow to manage your own customizations.
As we saw earlier, in a WebFlux web application, Spring Security works based on WebFilter
(similar to Servlet Filter in Spring MVC). If you would like to customize certain aspects in Spring Security, especially in request and response manipulation, implementing a custom WebFilter
is one of the approaches that can be looked...