@Override public void configure(H http) throws Exception { AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter( entryPoint, getRequestCache(http)); AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http); exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler); exceptionTranslationFilter = postProcess(exceptionTranslationFilter); http.addFilter(exceptionTranslationFilter); }
ExceptionTranslationFilter filter = new ExceptionTranslationFilter(ep, cache);
/** * Gets the exception translation filter. * * @return the exception translation filter */ @Bean(name = "etf") public ExceptionTranslationFilter getExceptionTranslationFilter() { return new ExceptionTranslationFilter(getHttp403ForbiddenEntryPoint()); }
@Before public void setUp() throws Exception { AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous"); fsi = new FilterSecurityInterceptor(); fsi.setAccessDecisionManager(accessDecisionManager); fsi.setSecurityMetadataSource(metadataSource); AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint( "/login"); ExceptionTranslationFilter etf = new ExceptionTranslationFilter( authenticationEntryPoint); DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain( AnyRequestMatcher.INSTANCE, aaf, etf, fsi); fcp = new FilterChainProxy(securityChain); validator = new DefaultFilterChainValidator(); ReflectionTestUtils.setField(validator, "logger", logger); }
@Override public void configure(H http) throws Exception { AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter( entryPoint, getRequestCache(http)); AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http); exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler); exceptionTranslationFilter = postProcess(exceptionTranslationFilter); http.addFilter(exceptionTranslationFilter); }
private void addExceptionTranslationFilter(List<Filter> filters, RequestCache requestCache, boolean isRest) { ExceptionTranslationFilter exceptionFilter; if (isRest) { exceptionFilter = new ExceptionTranslationFilter(basicAuthenticationEntryPoint, requestCache); } else { exceptionFilter = new ExceptionTranslationFilter(loginAuthenticationEntryPoint, requestCache); } filters.add(exceptionFilter); }
sessionManagement().sessionAuthenticationStrategy(sessionAuthenticationStrategy). and(). addFilter(new ExceptionTranslationFilter(new AuthenticationProcessingFilterEntryPoint()));
@Configuration @EnableWebSecurity @Order(2) public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { ExceptionTranslationFilter = new ExceptionTranslationFilter(new AuthenticationExceptionHandler()); http.addFilterAfter(new StatelessAuthenticationFilter(tokenAuthenticationService), ExceptionTranslationFilter.class); } } public class AuthenticationExceptionHandler implements AuthenticationEntryPoint { public void commence(HttpServletRequest request, HttpServletResponse, AuthenticationException e) throws IOException, ServletException { //Logic on how to handle JWT exception goes here } } public class StatelessAuthenticationFilter extends GenericFilterBean { @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { try { //DECRYPT YOUR JWT } catch (Exception e) { throw new AuthenticationException();//If you get an exception wrap it in a AuthenticationException (or a class that extends it) } } }
@Override public void configure(H http) throws Exception { AuthenticationEntryPoint entryPoint = getEntryPoint(http); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(entryPoint, getRequestCache(http)); if(accessDeniedHandler != null) { exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler); } exceptionTranslationFilter = postProcess(exceptionTranslationFilter); http.addFilter(exceptionTranslationFilter); }
@Override public void configure(H http) throws Exception { AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter( entryPoint, getRequestCache(http)); AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http); exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler); exceptionTranslationFilter = postProcess(exceptionTranslationFilter); http.addFilter(exceptionTranslationFilter); }
public Filter[] getCommonFilters() { AnonymousAuthenticationFilter anonymousProcessingFilter = new AnonymousAuthenticationFilter("anonymous"); UserAttribute userAttribute = new UserAttribute(); userAttribute.setPassword("anonymous"); String authorities = "anonymous, ROLE_ANONYMOUS"; userAttribute.setAuthoritiesAsString(Arrays.asList(authorities)); anonymousProcessingFilter.setUserAttribute(userAttribute); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(); AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl(); exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler); HudsonAuthenticationEntryPoint hudsonAuthenticationEntryPoint = new HudsonAuthenticationEntryPoint(); hudsonAuthenticationEntryPoint.setLoginFormUrl('/' + getLoginUrl() + "?from={0}"); exceptionTranslationFilter.setAuthenticationEntryPoint(hudsonAuthenticationEntryPoint); UnwrapSecurityExceptionFilter unwrapSecurityExceptionFilter = new UnwrapSecurityExceptionFilter(); Filter[] filters = { anonymousProcessingFilter, exceptionTranslationFilter, unwrapSecurityExceptionFilter }; return filters; } /**