@Override public void configure(HttpSecurity http) throws Exception { SmsAuthenticationFilter smsAuthenticationFilter = new SmsAuthenticationFilter(); smsAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); smsAuthenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler); smsAuthenticationFilter.setAuthenticationFailureHandler(authenticationFailureHandler); SmsAuthenticationProvider smsAuthenticationProvider = new SmsAuthenticationProvider(); smsAuthenticationProvider.setUserDetailService(userDetailService); http.authenticationProvider(smsAuthenticationProvider) .addFilterAfter(smsAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); } }
http.authenticationProvider(new AnonymousAuthenticationProvider("default"))
@Override public void configure(HttpSecurity http) throws Exception { MobileAuthenticationFilter mobileAuthenticationFilter = new MobileAuthenticationFilter(); mobileAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); mobileAuthenticationFilter.setAuthenticationSuccessHandler(mobileLoginSuccessHandler); MobileAuthenticationProvider mobileAuthenticationProvider = new MobileAuthenticationProvider(); mobileAuthenticationProvider.setUserService(userService); http.authenticationProvider(mobileAuthenticationProvider) .addFilterAfter(mobileAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); } }
@Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); //SAML 설정 http.httpBasic().authenticationEntryPoint(samlEntryPoint()); http .authenticationProvider(samlAuthenticationProvider()); http .addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class) .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class); http .authorizeRequests() .antMatchers("/").permitAll() .antMatchers("/error").permitAll() .antMatchers("/saml/**").permitAll() .anyRequest().authenticated(); http .logout() .logoutSuccessUrl("/"); http.headers().frameOptions().disable(); http.authorizeRequests().anyRequest().permitAll(); }
.anyRequest().authenticated() .and() .authenticationProvider(authenticationProvider()) .exceptionHandling() .authenticationEntryPoint(authenticationEntryPoint)
@Override protected void configure(final HttpSecurity http) throws Exception { http .sessionManagement() .sessionCreationPolicy(STATELESS) .and() .exceptionHandling() // this entry point handles when you request a protected page and you are not yet // authenticated .defaultAuthenticationEntryPointFor(forbiddenEntryPoint(), PROTECTED_URLS) .and() .authenticationProvider(provider) .addFilterBefore(restAuthenticationFilter(), AnonymousAuthenticationFilter.class) .authorizeRequests() .requestMatchers(PROTECTED_URLS) .authenticated() .and() .csrf().disable() .formLogin().disable() .httpBasic().disable() .logout().disable(); }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.cors() // if Spring MVC is on classpath and no CorsConfigurationSource is provided, Spring Security will use CORS configuration provided to Spring MVC .and() .authenticationProvider(customAuthProvider()) .csrf() .ignoringAntMatchers("/stomp/**") .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize")) .disable() .headers() .frameOptions().disable() .and() .authorizeRequests() .expressionHandler(webExpressionHandler()) .antMatchers("/oauth/token").permitAll() .anyRequest().authenticated() .and() .exceptionHandling() // TODO: 예외 처리 방식은 추후 정리 .accessDeniedPage("/station.login.jsp?authorization_error=true"); // @formatter:on http.headers().frameOptions().disable(); http.authorizeRequests().anyRequest().permitAll(); }
new TokenAuthProvider(tokenValidator, userDetailsService, authProcessor)); http.csrf().disable() .authenticationProvider(provider).userDetailsService(userDetailsService) .anonymous().principal(SecurityUtils.USER_ANONYMOUS).and() .authorizeRequests().antMatchers(uiPrefix + "/token/login").permitAll()
@Override public void configure(HttpSecurity http) throws Exception { AjaxAuthenticationFilter ajaxAuthenticationFilter = new AjaxAuthenticationFilter(); ajaxAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); ajaxAuthenticationFilter.setAuthenticationSuccessHandler(jwtLoginSuccessHandler); AjaxAuthenticationProvider ajaxAuthenticationProvider = new AjaxAuthenticationProvider(); ajaxAuthenticationProvider.setUserFeignApi(userFeignApi); http.authenticationProvider(ajaxAuthenticationProvider) .addFilterAfter(ajaxAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); } }
/** * Configure. * * @param http the http */ @Override public void configure(HttpSecurity http) { SmsCodeAuthenticationFilter smsCodeAuthenticationFilter = new SmsCodeAuthenticationFilter(); smsCodeAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); smsCodeAuthenticationFilter.setAuthenticationSuccessHandler(pcAuthenticationSuccessHandler); smsCodeAuthenticationFilter.setAuthenticationFailureHandler(pcAuthenticationFailureHandler); String key = UUID.randomUUID().toString(); smsCodeAuthenticationFilter.setRememberMeServices(new PersistentTokenBasedRememberMeServices(key, userDetailsService, persistentTokenRepository)); SmsCodeAuthenticationProvider smsCodeAuthenticationProvider = new SmsCodeAuthenticationProvider(); smsCodeAuthenticationProvider.setUserDetailsService(userDetailsService); http.authenticationProvider(smsCodeAuthenticationProvider) .addFilterAfter(smsCodeAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); // }
@SuppressWarnings("unchecked") @Override public void init(HttpSecurity http) throws Exception { serviceProviderBuilder.build(); SAMLAuthenticationProvider authenticationProvider = serviceProviderBuilder.getSharedObject(SAMLAuthenticationProvider.class); SAMLEntryPoint sAMLEntryPoint = serviceProviderBuilder.getSharedObject(SAMLEntryPoint.class); CheckedConsumer<HttpSecurity, Exception> httpConsumer = serviceProviderBuilder.getSharedObject(CheckedConsumer.class); // @formatter:off http .exceptionHandling() .authenticationEntryPoint(sAMLEntryPoint); http .logout() .disable(); http. authenticationProvider(authenticationProvider); if(httpConsumer != null) { httpConsumer.accept(http); } // @formatter:on }
@Override public void configure(HttpSecurity http) throws Exception { SmsCodeAuthenticationFilter smsCodeAuthenticationFilter = new SmsCodeAuthenticationFilter(); smsCodeAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); smsCodeAuthenticationFilter.setAuthenticationSuccessHandler(myAuthenticationSuccessHandler); smsCodeAuthenticationFilter.setAuthenticationFailureHandler(myAuthenticationFailureHandler); // 获取验证码提供者 SmsCodeAuthenticationProvider smsCodeAuthenticationProvider = new SmsCodeAuthenticationProvider(); smsCodeAuthenticationProvider.setUserDetailsService(userDetailsService); http.authenticationProvider(smsCodeAuthenticationProvider) .addFilterAfter(smsCodeAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); } }
@Override public void configure(HttpSecurity http) throws Exception { SmsCodeAuthenticationFilter smsCodeAuthenticationFilter = new SmsCodeAuthenticationFilter(); smsCodeAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); smsCodeAuthenticationFilter.setAuthenticationSuccessHandler(myAuthenticationSuccessHandler); smsCodeAuthenticationFilter.setAuthenticationFailureHandler(myAuthenticationFailureHandler); SmsCodeAuthenticationProvider smsCodeAuthenticationProvider = new SmsCodeAuthenticationProvider(); smsCodeAuthenticationProvider.setUserDetailsService(userDetailsService); http.authenticationProvider(smsCodeAuthenticationProvider) .addFilterAfter(smsCodeAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) ; } }
@Override public void configure(HttpSecurity builder) throws Exception { //配置Filter SmsCodeAuthenticationFilter smsCodeAuthenticationFilter = new SmsCodeAuthenticationFilter(); //配置AuthenticationManager smsCodeAuthenticationFilter.setAuthenticationManager(builder.getSharedObject(AuthenticationManager.class)); //配置 smsCodeAuthenticationFilter.setAuthenticationSuccessHandler(tihomAuthenticationSuccessHandler); smsCodeAuthenticationFilter.setAuthenticationFailureHandler(tihomAuthenticationFailureHandler); SmsCodeAuthenticationProvider smsCodeAuthenticationProvider = new SmsCodeAuthenticationProvider(); //配置smsCodeAuthenticationProvider所调用的UserDetailsService smsCodeAuthenticationProvider.setUserDetailsService(userDetailsService); //将自定义的AuthenticationProvider添加到AuthenticationManager所管理的Provider集合里面去 builder.authenticationProvider(smsCodeAuthenticationProvider) //将过滤器添加到用户名密码验证过滤器的后面就行 .addFilterAfter(smsCodeAuthenticationFilter,UsernamePasswordAuthenticationFilter.class); } }
http.authenticationProvider(new AnonymousAuthenticationProvider("default"))
/** * Configure. * * @param http the http */ @Override public void configure(HttpSecurity http) { OpenIdAuthenticationFilter openIdAuthenticationFilter = new OpenIdAuthenticationFilter(); openIdAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); openIdAuthenticationFilter.setAuthenticationSuccessHandler(pcAuthenticationSuccessHandler); openIdAuthenticationFilter.setAuthenticationFailureHandler(pcAuthenticationFailureHandler); OpenIdAuthenticationProvider openIdAuthenticationProvider = new OpenIdAuthenticationProvider(); openIdAuthenticationProvider.setUserDetailsService(userDetailsService); openIdAuthenticationProvider.setUsersConnectionRepository(usersConnectionRepository); http.authenticationProvider(openIdAuthenticationProvider) .addFilterAfter(openIdAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); }
/** * 把写的过滤器和provider都配到安装环境中 * @param http * @throws Exception */ @Override public void configure(HttpSecurity http) throws Exception { OpenIdAuthenticationFilter OpenIdAuthenticationFilter = new OpenIdAuthenticationFilter(); OpenIdAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); OpenIdAuthenticationFilter.setAuthenticationSuccessHandler(imoocAuthenticationSuccessHandler); OpenIdAuthenticationFilter.setAuthenticationFailureHandler(imoocAuthenticationFailureHandler); OpenIdAuthenticationProvider OpenIdAuthenticationProvider = new OpenIdAuthenticationProvider(); OpenIdAuthenticationProvider.setUserDetailsService(userDetailsService); OpenIdAuthenticationProvider.setUsersConnectionRepository(usersConnectionRepository); http.authenticationProvider(OpenIdAuthenticationProvider) .addFilterAfter(OpenIdAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); } }
.addFilterAfter(samlFilter(samlEntryPoint, samlLogoutFilter, samlLogoutProcessingFilter, contextProvider), BasicAuthenticationFilter.class) .authenticationProvider(samlAuthenticationProvider);
http.authenticationProvider( new SocialAuthenticationProvider(usersConnectionRepository, socialUsersDetailsService)) .addFilterBefore(postProcess(filter), AbstractPreAuthenticatedProcessingFilter.class);
http.authenticationProvider( new SocialAuthenticationProvider(usersConnectionRepository, socialUsersDetailsService)) .addFilterBefore(postProcess(filter), AbstractPreAuthenticatedProcessingFilter.class);