use of com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl in project midpoint by Evolveum.
the class MidpointWebSecurityConfigurerAdapter method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
http.setSharedObject(AuthenticationTrustResolverImpl.class, new MidpointAuthenticationTrustResolverImpl());
http.addFilter(new WebAsyncManagerIntegrationFilter()).sessionManagement().and().securityContext();
http.apply(new AuthFilterConfigurer());
createSessionContextRepository(http);
http.sessionManagement().maximumSessions(-1).sessionRegistry(sessionRegistry).maxSessionsPreventsLogin(true);
}
use of com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl in project midpoint by Evolveum.
the class ModuleWebSecurityConfigurer method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
http.setSharedObject(AuthenticationTrustResolver.class, new MidpointAuthenticationTrustResolverImpl());
http.authorizeRequests().accessDecisionManager(accessDecisionManager).anyRequest().fullyAuthenticated();
getOrApply(http, new MidpointExceptionHandlingConfigurer<>()).accessDeniedHandler(accessDeniedHandler).authenticationTrustResolver(new MidpointAuthenticationTrustResolverImpl());
http.headers().and().requestCache().and().anonymous().authenticationFilter(createAnonymousFilter()).and().servletApi();
http.addFilterAfter(new RedirectForLoginPagesWithAuthenticationFilter(), CsrfFilter.class);
http.csrf();
if (!csrfEnabled) {
http.csrf().disable();
}
http.headers().disable();
http.headers().frameOptions().sameOrigin();
}
use of com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl in project midpoint by Evolveum.
the class HttpBasicModuleWebSecurityConfigurer method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
HttpAuthenticationEntryPoint entryPoint = getObjectPostProcessor().postProcess(new HttpAuthenticationEntryPoint());
http.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
HttpBasicAuthenticationFilter filter = getObjectPostProcessor().postProcess(new HttpBasicAuthenticationFilter(authenticationManager(), entryPoint));
RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class);
if (rememberMeServices != null) {
filter.setRememberMeServices(rememberMeServices);
}
http.authorizeRequests().accessDecisionManager(new MidpointHttpAuthorizationEvaluator(securityEnforcer, securityContextManager, taskManager, model));
http.addFilterAt(filter, BasicAuthenticationFilter.class);
http.formLogin().disable().csrf().disable();
getOrApply(http, new MidpointExceptionHandlingConfigurer<>()).authenticationEntryPoint(entryPoint).authenticationTrustResolver(new MidpointAuthenticationTrustResolverImpl());
}
use of com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl in project midpoint by Evolveum.
the class HttpClusterModuleWebSecurityConfigurer method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
HttpAuthenticationEntryPoint entryPoint = getObjectPostProcessor().postProcess(new HttpAuthenticationEntryPoint());
http.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
HttpClusterAuthenticationFilter filter = getObjectPostProcessor().postProcess(new HttpClusterAuthenticationFilter(authenticationManager(), entryPoint));
RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class);
if (rememberMeServices != null) {
filter.setRememberMeServices(rememberMeServices);
}
http.authorizeRequests().accessDecisionManager(new MidpointAllowAllAuthorizationEvaluator(securityEnforcer, securityContextManager, taskManager));
http.addFilterAt(filter, BasicAuthenticationFilter.class);
http.formLogin().disable().csrf().disable();
getOrApply(http, new MidpointExceptionHandlingConfigurer<>()).authenticationEntryPoint(entryPoint).authenticationTrustResolver(new MidpointAuthenticationTrustResolverImpl());
}
use of com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl in project midpoint by Evolveum.
the class HttpSecurityQuestionsModuleWebSecurityConfigurer method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
HttpAuthenticationEntryPoint entryPoint = getObjectPostProcessor().postProcess(new HttpSecurityQuestionsAuthenticationEntryPoint());
http.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
http.authorizeRequests().accessDecisionManager(new MidpointHttpAuthorizationEvaluator(securityEnforcer, securityContextManager, taskManager, model));
HttpSecurityQuestionsAuthenticationFilter filter = getObjectPostProcessor().postProcess(new HttpSecurityQuestionsAuthenticationFilter(authenticationManager(), entryPoint));
RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class);
if (rememberMeServices != null) {
filter.setRememberMeServices(rememberMeServices);
}
http.addFilterAt(filter, BasicAuthenticationFilter.class);
http.formLogin().disable().csrf().disable();
getOrApply(http, new MidpointExceptionHandlingConfigurer<>()).authenticationEntryPoint(entryPoint).authenticationTrustResolver(new MidpointAuthenticationTrustResolverImpl());
}
Aggregations