diff --git a/mcp/pom.xml b/mcp/pom.xml
index 17693ab32..dd1730e22 100644
--- a/mcp/pom.xml
+++ b/mcp/pom.xml
@@ -90,6 +90,12 @@
test
+
+ org.springframework.security
+ spring-security-core
+ ${springframework.version}
+
+
io.projectreactor.netty
@@ -205,4 +211,4 @@
-
\ No newline at end of file
+
diff --git a/mcp/src/main/java/io/modelcontextprotocol/server/McpAsyncServerExchange.java b/mcp/src/main/java/io/modelcontextprotocol/server/McpAsyncServerExchange.java
index 889dc66d0..c14c901f9 100644
--- a/mcp/src/main/java/io/modelcontextprotocol/server/McpAsyncServerExchange.java
+++ b/mcp/src/main/java/io/modelcontextprotocol/server/McpAsyncServerExchange.java
@@ -50,6 +50,10 @@ public McpAsyncServerExchange(McpServerSession session, McpSchema.ClientCapabili
this.clientInfo = clientInfo;
}
+ public McpServerSession getSession() {
+ return session;
+ }
+
/**
* Get the client capabilities that define the supported features and functionality.
* @return The client capabilities
diff --git a/mcp/src/main/java/io/modelcontextprotocol/server/McpSyncServerExchange.java b/mcp/src/main/java/io/modelcontextprotocol/server/McpSyncServerExchange.java
index 52360e54b..28af60578 100644
--- a/mcp/src/main/java/io/modelcontextprotocol/server/McpSyncServerExchange.java
+++ b/mcp/src/main/java/io/modelcontextprotocol/server/McpSyncServerExchange.java
@@ -7,6 +7,7 @@
import io.modelcontextprotocol.spec.McpSchema;
import io.modelcontextprotocol.spec.McpSchema.LoggingLevel;
import io.modelcontextprotocol.spec.McpSchema.LoggingMessageNotification;
+import io.modelcontextprotocol.spec.McpServerSession;
/**
* Represents a synchronous exchange with a Model Context Protocol (MCP) client. The
@@ -90,4 +91,7 @@ public void loggingNotification(LoggingMessageNotification loggingMessageNotific
this.exchange.loggingNotification(loggingMessageNotification).block();
}
+ public McpServerSession getSession() {
+ return exchange.getSession();
+ }
}
diff --git a/mcp/src/main/java/io/modelcontextprotocol/spec/McpServerSession.java b/mcp/src/main/java/io/modelcontextprotocol/spec/McpServerSession.java
index 86906d859..d621cf687 100644
--- a/mcp/src/main/java/io/modelcontextprotocol/spec/McpServerSession.java
+++ b/mcp/src/main/java/io/modelcontextprotocol/spec/McpServerSession.java
@@ -11,6 +11,8 @@
import io.modelcontextprotocol.server.McpAsyncServerExchange;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
import reactor.core.publisher.Mono;
import reactor.core.publisher.MonoSink;
import reactor.core.publisher.Sinks;
@@ -48,6 +50,8 @@ public class McpServerSession implements McpSession {
private final AtomicReference clientInfo = new AtomicReference<>();
+ private Authentication authentication;
+
private static final int STATE_UNINITIALIZED = 0;
private static final int STATE_INITIALIZING = 1;
@@ -79,6 +83,7 @@ public McpServerSession(String id, Duration requestTimeout, McpServerTransport t
this.initNotificationHandler = initNotificationHandler;
this.requestHandlers = requestHandlers;
this.notificationHandlers = notificationHandlers;
+ this.authentication = SecurityContextHolder.getContext().getAuthentication();
}
/**
@@ -89,6 +94,15 @@ public String getId() {
return this.id;
}
+ /**
+ * Retrieve authentication object set by Spring security filters as per your project
+ * security config
+ * @return Authentication
+ */
+ public Authentication getAuthentication() {
+ return authentication;
+ }
+
/**
* Called upon successful initialization sequence between the client and the server
* with the client capabilities and information.