/**
 * Creates the X.509 authentication filter ({@code X509AuthenticationFilter}, as
 * returned by {@code getFilter}) and registers it on the builder.
 *
 * @param http the builder being configured; its shared
 *             {@code AuthenticationManager} is handed to {@code getFilter}
 * @throws Exception declared by the overridden method
 */
@Override
public void configure(H http) throws Exception {
    // No null check is made here: whatever the builder holds for
    // AuthenticationManager is passed straight to getFilter.
    AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);
    X509AuthenticationFilter x509Filter = getFilter(authenticationManager);
    http.addFilter(x509Filter);
}
/**
 * Wires remember-me support into the builder: publishes the
 * {@link RememberMeServices} as a shared object, attaches the logout handler
 * when both a {@link LogoutConfigurer} and a handler are present, and registers
 * a {@link RememberMeAuthenticationProvider}.
 *
 * <p>The value returned by {@code getKey()} is read once and passed to both
 * {@code getRememberMeServices} and the provider constructor, so the two are
 * always built from the same key.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@SuppressWarnings("unchecked")
@Override
public void init(H http) throws Exception {
    validateInput();
    String sharedKey = getKey();

    RememberMeServices services = getRememberMeServices(http, sharedKey);
    http.setSharedObject(RememberMeServices.class, services);

    // NOTE(review): when no LogoutConfigurer is registered the handler is not
    // attached anywhere in this method; whether remember-me state is cleared
    // on logout in that case cannot be seen from here.
    LogoutConfigurer<H> logout = http.getConfigurer(LogoutConfigurer.class);
    boolean canAttachLogoutHandler = logout != null && this.logoutHandler != null;
    if (canAttachLogoutHandler) {
        logout.addLogoutHandler(this.logoutHandler);
    }

    RememberMeAuthenticationProvider provider = new RememberMeAuthenticationProvider(sharedKey);
    provider = postProcess(provider);
    http.authenticationProvider(provider);

    initDefaultLoginFilter(http);
}
/**
 * Turns this {@link AbstractHttpConfigurer} off by removing it from its builder.
 * Once removed, a fresh version of the configuration can be applied.
 *
 * <p>NOTE(review): removal is keyed on {@code getClass()}; presumably nothing this
 * configurer would have contributed is applied afterwards unless it is added
 * again, so call sites that disable a protection should be deliberate about it.
 *
 * @return the {@link HttpSecurityBuilder} for additional customizations
 */
@SuppressWarnings("unchecked")
public B disable() {
    B builder = getBuilder();
    builder.removeConfigurer(getClass());
    return builder;
}
/**
 * Returns the {@code ClientRegistrationRepository} for the given builder.
 *
 * <p>The builder's shared object is used when present. Otherwise the
 * repository is obtained from {@code getClientRegistrationRepositoryBean} and
 * stored on the builder as a shared object before it is returned, so later
 * lookups on the same builder see the same instance.
 *
 * @param builder the builder to read the shared object from (and write it to)
 * @return the shared repository, or the one resolved through the bean lookup
 */
static <B extends HttpSecurityBuilder<B>> ClientRegistrationRepository getClientRegistrationRepository(B builder) {
    ClientRegistrationRepository shared = builder.getSharedObject(ClientRegistrationRepository.class);
    if (shared != null) {
        return shared;
    }
    ClientRegistrationRepository resolved = getClientRegistrationRepositoryBean(builder);
    builder.setSharedObject(ClientRegistrationRepository.class, resolved);
    return resolved;
}
/**
 * Adds the generated login page filter and the logout page filter, but only
 * when the login page filter reports itself enabled and the
 * {@link ExceptionHandlingConfigurer} (if any) has no authentication entry
 * point set.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
@SuppressWarnings("unchecked")
public void configure(H http) throws Exception {
    ExceptionHandlingConfigurer<?> exceptionHandling = http.getConfigurer(ExceptionHandlingConfigurer.class);
    AuthenticationEntryPoint configuredEntryPoint = null;
    if (exceptionHandling != null) {
        configuredEntryPoint = exceptionHandling.getAuthenticationEntryPoint();
    }

    // An explicitly configured entry point wins: the generated pages are
    // registered only when none is set and the generator is enabled.
    if (!loginPageGeneratingFilter.isEnabled() || configuredEntryPoint != null) {
        return;
    }

    // Only the login page filter goes through postProcess here; the logout
    // page filter is added as-is.
    loginPageGeneratingFilter = postProcess(loginPageGeneratingFilter);
    http.addFilter(loginPageGeneratingFilter);
    http.addFilter(this.logoutPageGeneratingFilter);
}
/**
 * Looks up the {@code ClientRegistrationRepository} bean through the
 * {@code ApplicationContext} stored as a shared object on the builder.
 *
 * @param builder the builder whose shared {@code ApplicationContext} is queried
 * @return the bean returned by {@code getBean(ClientRegistrationRepository.class)}
 */
private static <B extends HttpSecurityBuilder<B>> ClientRegistrationRepository getClientRegistrationRepositoryBean(B builder) {
    ApplicationContext applicationContext = builder.getSharedObject(ApplicationContext.class);
    // NOTE(review): the context is dereferenced without a null check, so a
    // builder that has no ApplicationContext shared object fails here with a
    // NullPointerException rather than a descriptive error.
    return applicationContext.getBean(ClientRegistrationRepository.class);
}
/**
 * Registers a {@link PreAuthenticatedAuthenticationProvider} backed by the
 * service from {@code getAuthenticationUserDetailsService(http)}, and stores a
 * {@link Http403ForbiddenEntryPoint} as the shared
 * {@link AuthenticationEntryPoint}.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
public void init(H http) throws Exception {
    PreAuthenticatedAuthenticationProvider preAuthProvider = new PreAuthenticatedAuthenticationProvider();
    preAuthProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http));

    // The provider is registered as constructed; this method does not pass
    // it through postProcess.
    http
        .authenticationProvider(preAuthProvider)
        .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
}
// @formatter:on
/**
 * Builds a {@link SecurityContextPersistenceFilter} and adds it to the builder.
 *
 * <p>The filter uses the shared {@link SecurityContextRepository} when one is
 * set and a new {@link HttpSessionSecurityContextRepository} otherwise. Eager
 * session creation is forced only when a {@link SessionManagementConfigurer}
 * is present and its policy is {@link SessionCreationPolicy#ALWAYS}.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
@SuppressWarnings("unchecked")
public void configure(H http) throws Exception {
    SecurityContextRepository repository = http.getSharedObject(SecurityContextRepository.class);
    if (repository == null) {
        // Fallback when nothing was shared on the builder.
        repository = new HttpSessionSecurityContextRepository();
    }
    SecurityContextPersistenceFilter persistenceFilter = new SecurityContextPersistenceFilter(repository);

    SessionManagementConfigurer<?> sessionManagement = http.getConfigurer(SessionManagementConfigurer.class);
    SessionCreationPolicy policy = null;
    if (sessionManagement != null) {
        policy = sessionManagement.getSessionCreationPolicy();
    }
    // Constant on the left keeps the comparison safe when policy is null.
    if (SessionCreationPolicy.ALWAYS == policy) {
        persistenceFilter.setForceEagerSessionCreation(true);
    }

    persistenceFilter = postProcess(persistenceFilter);
    http.addFilter(persistenceFilter);
}
}
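/**
 * Registers bearer-token authentication: a {@link BearerTokenAuthenticationFilter}
 * using the resolver from {@code getBearerTokenResolver()}, and a
 * {@link JwtAuthenticationProvider} built from the JWT configurer's decoder
 * and authentication converter.
 *
 * <p>The missing-JWT-configuration check runs first, so a misconfigured
 * resource server fails before the request matcher or the builder has been
 * modified.
 *
 * @param http the builder being configured
 * @throws IllegalStateException if no JWT configuration was supplied
 * @throws Exception declared by the overridden method
 */
@Override
public void configure(H http) throws Exception {
    // Validate before any side effect: previously the filter was already
    // added to the builder when this exception was thrown.
    if (this.jwtConfigurer == null) {
        throw new IllegalStateException("Jwt is the only supported format for bearer tokens " +
                "in Spring Security and no Jwt configuration was found. Make sure to specify " +
                "a jwk set uri by doing http.oauth2ResourceServer().jwt().jwkSetUri(uri), or wire a " +
                "JwtDecoder instance by doing http.oauth2ResourceServer().jwt().decoder(decoder), or " +
                "expose a JwtDecoder instance as a bean and do http.oauth2ResourceServer().jwt().");
    }

    // The same resolver instance is given to the request matcher and to the
    // filter, so both extract the token the same way.
    BearerTokenResolver bearerTokenResolver = getBearerTokenResolver();
    this.requestMatcher.setBearerTokenResolver(bearerTokenResolver);

    AuthenticationManager manager = http.getSharedObject(AuthenticationManager.class);

    BearerTokenAuthenticationFilter filter = new BearerTokenAuthenticationFilter(manager);
    filter.setBearerTokenResolver(bearerTokenResolver);
    filter.setAuthenticationEntryPoint(this.authenticationEntryPoint);
    filter = postProcess(filter);
    http.addFilter(filter);

    JwtDecoder decoder = this.jwtConfigurer.getJwtDecoder();
    Converter<Jwt, ? extends AbstractAuthenticationToken> jwtAuthenticationConverter =
            this.jwtConfigurer.getJwtAuthenticationConverter();

    JwtAuthenticationProvider provider = new JwtAuthenticationProvider(decoder);
    provider.setJwtAuthenticationConverter(jwtAuthenticationConverter);
    provider = postProcess(provider);
    http.authenticationProvider(provider);
}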
/**
 * Creates the {@link FilterSecurityInterceptor} for this configurer, adds it
 * as a filter and publishes it as a shared object.
 *
 * <p>When {@code createMetadataSource} returns {@code null} the method returns
 * without registering anything, so no interceptor is contributed by this
 * configurer in that case.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
public void configure(H http) throws Exception {
    FilterInvocationSecurityMetadataSource source = createMetadataSource(http);
    if (source == null) {
        return;
    }

    FilterSecurityInterceptor interceptor = createFilterSecurityInterceptor(
            http, source, http.getSharedObject(AuthenticationManager.class));

    // Only override the interceptor's own setting when a value was given.
    if (filterSecurityInterceptorOncePerRequest != null) {
        interceptor.setObserveOncePerRequest(filterSecurityInterceptorOncePerRequest);
    }

    interceptor = postProcess(interceptor);
    http.addFilter(interceptor);
    http.setSharedObject(FilterSecurityInterceptor.class, interceptor);
}
/**
 * Registers this configurer's authentication entry point as a default entry
 * point for requests matched by its request matcher.
 *
 * <p>Nothing is registered when the builder has no
 * {@link ExceptionHandlingConfigurer}.
 *
 * @param http the builder whose exception handling configurer is looked up
 */
private void registerDefaultEntryPoint(H http) {
    ExceptionHandlingConfigurer<H> exceptionHandling = http.getConfigurer(ExceptionHandlingConfigurer.class);
    if (exceptionHandling != null) {
        exceptionHandling.defaultAuthenticationEntryPointFor(this.authenticationEntryPoint, this.requestMatcher);
    }
}
/**
 * Sets the {@link RequestCache} explicitly by storing it as a shared object
 * on the builder. Without an explicit value, the default is to look for a
 * {@link RequestCache} shared object first and then fall back to a
 * {@link HttpSessionRequestCache}.
 *
 * <p>The argument is stored as given; this method performs no null check.
 *
 * @param requestCache the explicit {@link RequestCache} to use
 * @return the {@link RequestCacheConfigurer} for further customization
 */
public RequestCacheConfigurer<H> requestCache(RequestCache requestCache) {
    getBuilder()
        .setSharedObject(RequestCache.class, requestCache);
    return this;
}
/**
 * Fills in the anonymous-authentication defaults and registers the provider.
 *
 * <p>A provider and a filter that were not supplied are created from
 * {@code getKey()} (and, for the filter, the configured principal and
 * authorities). Only the provider is registered with the builder here; the
 * filter is merely prepared.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
public void init(H http) throws Exception {
    if (this.authenticationProvider == null) {
        this.authenticationProvider = new AnonymousAuthenticationProvider(getKey());
    }
    if (this.authenticationFilter == null) {
        this.authenticationFilter = new AnonymousAuthenticationFilter(
                getKey(), this.principal, this.authorities);
    }

    // NOTE(review): a caller-supplied provider or filter keeps whatever key
    // it was built with; nothing here checks that the two keys agree.
    this.authenticationProvider = postProcess(this.authenticationProvider);
    http.authenticationProvider(this.authenticationProvider);
}
@SuppressWarnings("unchecked") private RequestMatcher createDefaultSavedRequestMatcher(H http) { ContentNegotiationStrategy contentNegotiationStrategy = http .getSharedObject(ContentNegotiationStrategy.class); if (contentNegotiationStrategy == null) { contentNegotiationStrategy = new HeaderContentNegotiationStrategy(); new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest")); boolean isCsrfEnabled = http.getConfigurer(CsrfConfigurer.class) != null;
/**
 * Finalizes the authentication filter via {@code afterPropertiesSet()} and
 * adds it to the builder.
 *
 * @param http the builder being configured
 * @throws Exception declared by the overridden method
 */
@Override
public void configure(H http) throws Exception {
    // assumes authenticationFilter was assigned before this runs — there is
    // no null check here; TODO confirm against the initialization path
    this.authenticationFilter.afterPropertiesSet();
    http.addFilter(this.authenticationFilter);
}
/**
 * Resolves the {@code GrantedAuthoritiesMapper} to use.
 *
 * <p>The builder's shared object takes precedence. Otherwise the result of
 * {@code getGrantedAuthoritiesMapperBean()} is used and, when non-null, stored
 * on the builder as a shared object.
 *
 * @return the resolved mapper, or {@code null} when neither source provides one
 */
private GrantedAuthoritiesMapper getGrantedAuthoritiesMapper() {
    GrantedAuthoritiesMapper shared = this.getBuilder().getSharedObject(GrantedAuthoritiesMapper.class);
    if (shared != null) {
        return shared;
    }

    GrantedAuthoritiesMapper fromBean = this.getGrantedAuthoritiesMapperBean();
    if (fromBean != null) {
        // Publish it so subsequent lookups on this builder find it directly.
        this.getBuilder().setSharedObject(GrantedAuthoritiesMapper.class, fromBean);
    }
    return fromBean;
}
/**
 * Fetches a bean of the given type from the builder's shared
 * {@code ApplicationContext}, treating "not available" as {@code null}.
 *
 * @param type the bean type to look up
 * @return the bean, or {@code null} when no context is shared or the lookup
 *         raises {@code NoSuchBeanDefinitionException}
 */
private <T> T getBeanOrNull(Class<T> type) {
    ApplicationContext applicationContext = getBuilder().getSharedObject(ApplicationContext.class);
    if (applicationContext != null) {
        try {
            return applicationContext.getBean(type);
        } catch (NoSuchBeanDefinitionException ignored) {
            // Deliberately swallowed: a missing bean is an expected outcome.
            // NOTE(review): NoUniqueBeanDefinitionException is a subclass, so
            // an ambiguous set of candidates is also reported as absent —
            // confirm that silent fallback is intended.
        }
    }
    return null;
}
@SuppressWarnings("unchecked")
/**
 * Registers a {@link PreAuthenticatedAuthenticationProvider} through
 * {@link HttpSecurity#authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)}
 * and stores a {@link Http403ForbiddenEntryPoint} through
 * {@link HttpSecurityBuilder#setSharedObject(Class, Object)}.
 *
 * <p>The provider is given the service from {@code getUserDetailsService()}
 * and is passed through {@code postProcess} before it is registered.
 *
 * @see org.springframework.security.config.annotation.SecurityConfigurerAdapter#init(org.springframework.security.config.annotation.SecurityBuilder)
 */
@Override
public void init(H http) throws Exception {
    PreAuthenticatedAuthenticationProvider preAuthProvider = new PreAuthenticatedAuthenticationProvider();
    preAuthProvider.setPreAuthenticatedUserDetailsService(getUserDetailsService());
    preAuthProvider = postProcess(preAuthProvider);

    // @formatter:off
    http
        .authenticationProvider(preAuthProvider)
        .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
    // @formatter:on
}
public void configure(H http) throws Exception { securityContextRequestFilter.setAuthenticationManager(http .getSharedObject(AuthenticationManager.class)); ExceptionHandlingConfigurer<H> exceptionConf = http .getConfigurer(ExceptionHandlingConfigurer.class); AuthenticationEntryPoint authenticationEntryPoint = exceptionConf == null ? null : exceptionConf.getAuthenticationEntryPoint(http); securityContextRequestFilter .setAuthenticationEntryPoint(authenticationEntryPoint); LogoutConfigurer<H> logoutConf = http.getConfigurer(LogoutConfigurer.class); List<LogoutHandler> logoutHandlers = logoutConf == null ? null : logoutConf .getLogoutHandlers(); securityContextRequestFilter.setLogoutHandlers(logoutHandlers); AuthenticationTrustResolver trustResolver = http .getSharedObject(AuthenticationTrustResolver.class); if (trustResolver != null) { securityContextRequestFilter.setTrustResolver(trustResolver); ApplicationContext context = http.getSharedObject(ApplicationContext.class); if (context != null) { String[] grantedAuthorityDefaultsBeanNames = context.getBeanNamesForType(GrantedAuthorityDefaults.class); http.addFilter(securityContextRequestFilter);
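/**
 * Registers bearer-token authentication: a {@link BearerTokenAuthenticationFilter}
 * using the resolver from {@code getBearerTokenResolver()}, and a
 * {@link JwtAuthenticationProvider} built from the JWT configurer's decoder
 * and authentication converter.
 *
 * <p>The missing-JWT-configuration check runs first, so a misconfigured
 * resource server fails before the request matcher or the builder has been
 * modified.
 *
 * @param http the builder being configured
 * @throws IllegalStateException if no JWT configuration was supplied
 * @throws Exception declared by the overridden method
 */
@Override
public void configure(H http) throws Exception {
    // Validate before any side effect: previously the filter was already
    // added to the builder when this exception was thrown.
    if (this.jwtConfigurer == null) {
        throw new IllegalStateException("Jwt is the only supported format for bearer tokens " +
                "in Spring Security and no Jwt configuration was found. Make sure to specify " +
                "a jwk set uri by doing http.oauth2ResourceServer().jwt().jwkSetUri(uri), or wire a " +
                "JwtDecoder instance by doing http.oauth2ResourceServer().jwt().decoder(decoder), or " +
                "expose a JwtDecoder instance as a bean and do http.oauth2ResourceServer().jwt().");
    }

    // The same resolver instance is given to the request matcher and to the
    // filter, so both extract the token the same way.
    BearerTokenResolver bearerTokenResolver = getBearerTokenResolver();
    this.requestMatcher.setBearerTokenResolver(bearerTokenResolver);

    AuthenticationManager manager = http.getSharedObject(AuthenticationManager.class);

    BearerTokenAuthenticationFilter filter = new BearerTokenAuthenticationFilter(manager);
    filter.setBearerTokenResolver(bearerTokenResolver);
    filter.setAuthenticationEntryPoint(this.authenticationEntryPoint);
    filter = postProcess(filter);
    http.addFilter(filter);

    JwtDecoder decoder = this.jwtConfigurer.getJwtDecoder();
    Converter<Jwt, ? extends AbstractAuthenticationToken> jwtAuthenticationConverter =
            this.jwtConfigurer.getJwtAuthenticationConverter();

    JwtAuthenticationProvider provider = new JwtAuthenticationProvider(decoder);
    provider.setJwtAuthenticationConverter(jwtAuthenticationConverter);
    provider = postProcess(provider);
    http.authenticationProvider(provider);
}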