/** * Allows easily changing the realm, but leaving the remaining defaults in place. If * {@link #authenticationEntryPoint(AuthenticationEntryPoint)} has been invoked, * invoking this method will result in an error. * * @param realmName the HTTP Basic realm to use * @return {@link HttpBasicConfigurer} for additional customization * @throws Exception */ public HttpBasicConfigurer<B> realmName(String realmName) throws Exception { this.basicAuthEntryPoint.setRealmName(realmName); this.basicAuthEntryPoint.afterPropertiesSet(); return this; }
@Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { req.setAttribute(GeoServerSecurityFilter.AUTHENTICATION_ENTRY_POINT_HEADER, aep); Integer validity = aep.getNonceValiditySeconds(); // upper limits in the cache, makes no sense to cache an expired authentication token req.setAttribute(GeoServerCompositeFilter.CACHE_KEY_IDLE_SECS, validity); req.setAttribute(GeoServerCompositeFilter.CACHE_KEY_LIVE_SECS, validity); super.doFilter(req, res, chain); }
@Override public void configure(B http) throws Exception { AuthenticationManager authenticationManager = http .getSharedObject(AuthenticationManager.class); BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter( authenticationManager, this.authenticationEntryPoint); if (this.authenticationDetailsSource != null) { basicAuthenticationFilter .setAuthenticationDetailsSource(this.authenticationDetailsSource); } RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { basicAuthenticationFilter.setRememberMeServices(rememberMeServices); } basicAuthenticationFilter = postProcess(basicAuthenticationFilter); http.addFilter(basicAuthenticationFilter); } }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); try { digest = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("No MD5 algorithm available!"); } aep = new BasicAuthenticationEntryPoint(); aep.setRealmName(GeoServerSecurityManager.REALM); try { aep.afterPropertiesSet(); } catch (Exception e) { throw new IOException(e); } BasicAuthenticationFilterConfig authConfig = (BasicAuthenticationFilterConfig) config; BasicAuthenticationFilter filter = new BasicAuthenticationFilter(getSecurityManager().authenticationManager(), aep); if (authConfig.isUseRememberMe()) { filter.setRememberMeServices(securityManager.getRememberMeService()); GeoServerWebAuthenticationDetailsSource s = new GeoServerWebAuthenticationDetailsSource(); filter.setAuthenticationDetailsSource(s); } filter.afterPropertiesSet(); getNestedFilters().add(filter); }
@SuppressWarnings("unchecked") private void registerDefaultAuthenticationEntryPoint(HttpSecurity http) { ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling = http .getConfigurer(ExceptionHandlingConfigurer.class); if (exceptionHandling == null) { return; } if (authenticationEntryPoint==null) { BasicAuthenticationEntryPoint basicEntryPoint = new BasicAuthenticationEntryPoint(); basicEntryPoint.setRealmName(realm); authenticationEntryPoint = basicEntryPoint; } ContentNegotiationStrategy contentNegotiationStrategy = http.getSharedObject(ContentNegotiationStrategy.class); if (contentNegotiationStrategy == null) { contentNegotiationStrategy = new HeaderContentNegotiationStrategy(); } MediaTypeRequestMatcher preferredMatcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_ATOM_XML, MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON, MediaType.APPLICATION_OCTET_STREAM, MediaType.APPLICATION_XML, MediaType.MULTIPART_FORM_DATA, MediaType.TEXT_XML); preferredMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL)); exceptionHandling.defaultAuthenticationEntryPointFor(postProcess(authenticationEntryPoint), preferredMatcher); }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); DigestAuthenticationFilterConfig authConfig = (DigestAuthenticationFilterConfig) config; aep = new DigestAuthenticationEntryPoint(); aep.setKey(config.getName()); aep.setNonceValiditySeconds( authConfig.getNonceValiditySeconds() <= 0 ? 300 : authConfig.getNonceValiditySeconds()); aep.setRealmName(GeoServerSecurityManager.REALM); try { aep.afterPropertiesSet(); } catch (Exception e) { throw new IOException(e); } DigestAuthenticationFilter filter = new DigestAuthenticationFilter(); filter.setCreateAuthenticatedToken(true); filter.setPasswordAlreadyEncoded(true); filter.setAuthenticationEntryPoint(aep); HttpDigestUserDetailsServiceWrapper wrapper = new HttpDigestUserDetailsServiceWrapper( getSecurityManager() .loadUserGroupService(authConfig.getUserGroupServiceName()), Charset.defaultCharset()); filter.setUserDetailsService(wrapper); filter.afterPropertiesSet(); getNestedFilters().add(filter); }
@Override public void afterPropertiesSet() throws Exception { setRealmName("Fediz"); super.afterPropertiesSet(); }
@Bean DigestAuthenticationFilter digestFilter(DigestAuthenticationEntryPoint digestAuthenticationEntryPoint, UserCache digestUserCache, UserDetailsService userDetailsService) { DigestAuthenticationFilter filter = new DigestAuthenticationFilter(); filter.setAuthenticationEntryPoint(digestAuthenticationEntryPoint); filter.setUserDetailsService(userDetailsService); filter.setUserCache(digestUserCache); return filter; }
@Bean DigestAuthenticationEntryPoint digestAuthenticationEntry() { DigestAuthenticationEntryPoint digestAuthenticationEntry = new DigestAuthenticationEntryPoint(); digestAuthenticationEntry.setRealmName("GAURAVBYTES.COM"); digestAuthenticationEntry.setKey("GRM"); digestAuthenticationEntry.setNonceValiditySeconds(60); return digestAuthenticationEntry; }
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException ex) throws IOException, ServletException { if (ex instanceof AuthenticationServiceException) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); response.flushBuffer(); } else { super.commence(request, response, ex); } }
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { try{ String header = request.getHeader("Authorization"); if (header == null || !header.startsWith("Basic ")) { chain.doFilter(request, response); return; } String[] decodedHeader = extractAndDecodeHeader(header, request); //Validate against client lockout policy String clientId = decodedHeader[0]; //Validate against client secret expiration in the zone configured client secret policy Timestamp lastModified = (Timestamp) clientDetailsService.loadClientByClientId(clientId).getAdditionalInformation().get(ClientConstants.LAST_MODIFIED); } catch(BadCredentialsException e) { super.getAuthenticationEntryPoint().commence(request, response, e); return; } catch(ClientRegistrationException e) { logger.debug(e.getMessage()); } //call parent class to authenticate super.doFilterInternal(request, response, chain); }
String calculateServerDigest(String password, String httpMethod) { // Compute the expected response-digest (will be in hex form) // Don't catch IllegalArgumentException (already checked validity) return DigestAuthUtils.generateDigest( DigestAuthenticationFilter.this.passwordAlreadyEncoded, this.username, this.realm, password, httpMethod, this.uri, this.qop, this.nonce, this.nc, this.cnonce); }
static String encodePasswordInA1Format(String username, String realm, String password) { String a1 = username + ":" + realm + ":" + password; return md5Hex(a1); }
@Override public void afterPropertiesSet() { Assert.notNull(this.authenticationManager, "An AuthenticationManager is required"); if (!isIgnoreFailure()) { Assert.notNull(this.authenticationEntryPoint, "An AuthenticationEntryPoint is required"); } }
/** * Allows easily changing the realm, but leaving the remaining defaults in place. If * {@link #authenticationEntryPoint(AuthenticationEntryPoint)} has been invoked, * invoking this method will result in an error. * * @param realmName the HTTP Basic realm to use * @return {@link HttpBasicConfigurer} for additional customization * @throws Exception */ public HttpBasicConfigurer<B> realmName(String realmName) throws Exception { this.basicAuthEntryPoint.setRealmName(realmName); this.basicAuthEntryPoint.afterPropertiesSet(); return this; }
public BasicAuthenticationEntryPoint getAuthenticationEntryPoint() { BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName("atlas.com"); return basicAuthenticationEntryPoint; }
@Override public void configure(B http) throws Exception { AuthenticationManager authenticationManager = http .getSharedObject(AuthenticationManager.class); BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter( authenticationManager, this.authenticationEntryPoint); if (this.authenticationDetailsSource != null) { basicAuthenticationFilter .setAuthenticationDetailsSource(this.authenticationDetailsSource); } RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { basicAuthenticationFilter.setRememberMeServices(rememberMeServices); } basicAuthenticationFilter = postProcess(basicAuthenticationFilter); http.addFilter(basicAuthenticationFilter); } }
@Override public void afterPropertiesSet() throws Exception { setRealmName("Contact Big Data Infrastructure Team to get available accounts."); super.afterPropertiesSet(); }
/** * Allows easily changing the realm, but leaving the remaining defaults in place. If * {@link #authenticationEntryPoint(AuthenticationEntryPoint)} has been invoked, * invoking this method will result in an error. * * @param realmName the HTTP Basic realm to use * @return {@link HttpBasicConfigurer} for additional customization * @throws Exception */ public HttpBasicConfigurer<B> realmName(String realmName) throws Exception { this.basicAuthEntryPoint.setRealmName(realmName); this.basicAuthEntryPoint.afterPropertiesSet(); return this; }
@Bean BasicAuthenticationEntryPoint basicAuthEntryPoint() { BasicAuthenticationEntryPoint bauth = new BasicAuthenticationEntryPoint(); bauth.setRealmName("GAURAVBYTES"); return bauth; }