/** * Creates the {@link FilterInvocationSecurityMetadataSource} to use. The * implementation is a {@link DefaultFilterInvocationSecurityMetadataSource}. * * @param http the builder to use */ @Override FilterInvocationSecurityMetadataSource createMetadataSource(H http) { return new DefaultFilterInvocationSecurityMetadataSource( REGISTRY.createRequestMap()); }
@Override public void configure(H http) throws Exception { ChannelDecisionManagerImpl channelDecisionManager = new ChannelDecisionManagerImpl(); channelDecisionManager.setChannelProcessors(getChannelProcessors(http)); channelDecisionManager = postProcess(channelDecisionManager); channelFilter.setChannelDecisionManager(channelDecisionManager); DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource( requestMap); channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); channelFilter = postProcess(channelFilter); http.addFilter(channelFilter); }
/** * Creates the {@link FilterInvocationSecurityMetadataSource} to use. The * implementation is a {@link DefaultFilterInvocationSecurityMetadataSource}. * * @param http the builder to use */ @Override FilterInvocationSecurityMetadataSource createMetadataSource(H http) { return new DefaultFilterInvocationSecurityMetadataSource( REGISTRY.createRequestMap()); }
/** * Gets the filter security interceptor. * * @return the filter security interceptor */ @Bean(name = "fsi") public FilterSecurityInterceptor getFilterSecurityInterceptor() { FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); interceptor.setAuthenticationManager(getProviderManager()); interceptor.setAccessDecisionManager(getAffirmativeBased()); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>(); requestMap.put(new AntPathRequestMatcher("/adm/**"), SecurityConfig.createListFromCommaDelimitedString("ROLE_MANAGER,ROLE_MANAGER-GUI")); requestMap.put(new AntPathRequestMatcher("/adm/restartvm.ajax"), SecurityConfig .createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI")); requestMap.put(new AntPathRequestMatcher("/sql/**"), SecurityConfig .createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI")); requestMap.put(new AntPathRequestMatcher("/app/**"), SecurityConfig.createListFromCommaDelimitedString( "ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI")); requestMap.put(new AntPathRequestMatcher("/**"), SecurityConfig.createListFromCommaDelimitedString( "ROLE_PROBEUSER,ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI")); interceptor .setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(requestMap)); return interceptor; }
@Override public void configure(H http) throws Exception { ChannelDecisionManagerImpl channelDecisionManager = new ChannelDecisionManagerImpl(); channelDecisionManager.setChannelProcessors(getChannelProcessors(http)); channelDecisionManager = postProcess(channelDecisionManager); channelFilter.setChannelDecisionManager(channelDecisionManager); DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource( requestMap); channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); channelFilter = postProcess(channelFilter); http.addFilter(channelFilter); }
/** * Creates the {@link FilterInvocationSecurityMetadataSource} to use. The * implementation is a {@link DefaultFilterInvocationSecurityMetadataSource} * . */ @Override FilterInvocationSecurityMetadataSource createMetadataSource() { return new DefaultFilterInvocationSecurityMetadataSource(createRequestMap()); }
/** * Creates the {@link FilterInvocationSecurityMetadataSource} to use. The * implementation is a {@link DefaultFilterInvocationSecurityMetadataSource}. * * @param http the builder to use */ @Override FilterInvocationSecurityMetadataSource createMetadataSource(H http) { return new DefaultFilterInvocationSecurityMetadataSource( REGISTRY.createRequestMap()); }
private void addSecureChannel(List<Filter> filters, Protocol protocol) { ChannelProcessingFilter channelProcessingFilter = new ChannelProcessingFilter(); channelProcessingFilter.setChannelDecisionManager(channelDecisionManager); RequestMatcher anyRequest = new AnyRequestMatcher(); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>(); Collection<ConfigAttribute> configAtts = new ArrayList<>(); switch (protocol) { case HTTP: configAtts.add(new SecurityConfig("ANY_CHANNEL")); break; case HTTPS: configAtts.add(new SecurityConfig("REQUIRES_SECURE_CHANNEL")); break; default: } requestMap.put(anyRequest, configAtts); FilterInvocationSecurityMetadataSource securityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource(requestMap); channelProcessingFilter.setSecurityMetadataSource(securityMetadataSource); filters.add(channelProcessingFilter); }
@Bean public FilterRegistrationBean<?> securityFilterChain() { FilterSecurityInterceptor securityFilter = new FilterSecurityInterceptor(); securityFilter.setAuthenticationManager(this.authManager); securityFilter.setAccessDecisionManager(this.davDecisionManager); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> metadata = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>(); metadata.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList(ROLES)); securityFilter.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(metadata)); /* * Note that the order in which filters are defined is highly important. */ SecurityFilterChain filterChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, this.cosmoExceptionFilter, this.extraTicketFilter, this.ticketFilter, new BasicAuthenticationFilter(authManager, this.authEntryPoint), securityFilter); FilterRegistrationBean<?> filterBean = new FilterRegistrationBean<>(new FilterChainProxy(filterChain)); filterBean.addUrlPatterns(PATH_DAV); return filterBean; } }
FilterInvocationSecurityMetadataSource metadataSource = new DefaultFilterInvocationSecurityMetadataSource((LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) requestMap);
@Bean public FilterRegistrationBean<?> securityFilterChain() { FilterSecurityInterceptor securityFilter = new FilterSecurityInterceptor(); securityFilter.setAuthenticationManager(this.authManager); securityFilter.setAccessDecisionManager(this.davDecisionManager); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> metadata = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>(); metadata.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList(ROLES)); securityFilter.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(metadata)); /* * Note that the order in which filters are defined is highly important. */ SecurityFilterChain filterChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, this.cosmoExceptionFilter, this.extraTicketFilter, this.ticketFilter, new BasicAuthenticationFilter(authManager, this.authEntryPoint), securityFilter); FilterRegistrationBean<?> filterBean = new FilterRegistrationBean<>(new FilterChainProxy(filterChain)); filterBean.addUrlPatterns(PATH_DAV); return filterBean; } }
@Override public void configure(H http) throws Exception { ChannelDecisionManagerImpl channelDecisionManager = new ChannelDecisionManagerImpl(); channelDecisionManager.setChannelProcessors(getChannelProcessors(http)); channelDecisionManager = postProcess(channelDecisionManager); channelFilter.setChannelDecisionManager(channelDecisionManager); DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource(requestMap); channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); channelFilter = postProcess(channelFilter); http.addFilter(channelFilter); }
@Override public void configure(H http) throws Exception { ChannelDecisionManagerImpl channelDecisionManager = new ChannelDecisionManagerImpl(); channelDecisionManager.setChannelProcessors(getChannelProcessors(http)); channelDecisionManager = postProcess(channelDecisionManager); channelFilter.setChannelDecisionManager(channelDecisionManager); DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource( requestMap); channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); channelFilter = postProcess(channelFilter); http.addFilter(channelFilter); }