Example 1 with MidpointAuthenticationFailureHandler

Use of com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler in project midpoint by Evolveum.

In the class MailNonceFormModuleWebSecurityConfigurer, method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    http.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
    getOrApply(http, new MidpointFormLoginConfigurer<>(new MailNonceAuthenticationFilter()))
            .loginPage(getConfiguration().getSpecificLoginUrl() == null ? "/emailNonce" : getConfiguration().getSpecificLoginUrl())
            .failureHandler(new MidpointAuthenticationFailureHandler())
            .successHandler(getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler()))
            .permitAll();
    getOrApply(http, new MidpointExceptionHandlingConfigurer<>())
            .authenticationEntryPoint(new WicketLoginUrlAuthenticationEntryPoint(getConfiguration().getSpecificLoginUrl() == null ? "/emailNonce" : getConfiguration().getSpecificLoginUrl()));
    http.logout().clearAuthentication(true)
            .logoutRequestMatcher(getLogoutMatcher(http, getPrefix() + "/logout"))
            .invalidateHttpSession(true).deleteCookies("JSESSIONID")
            .logoutSuccessHandler(createLogoutHandler());
}
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) WicketLoginUrlAuthenticationEntryPoint(com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint) MailNonceAuthenticationFilter(com.evolveum.midpoint.authentication.impl.filter.MailNonceAuthenticationFilter) MidpointExceptionHandlingConfigurer(com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer)

Example 2 with MidpointAuthenticationFailureHandler

Use of com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler in project midpoint by Evolveum.

In the class OidcClientModuleWebSecurityConfigurer, method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    OidcLoginConfigurer configurer = new OidcLoginConfigurer(auditProvider);
    configurer.midpointFailureHandler(new MidpointAuthenticationFailureHandler())
            .clientRegistrationRepository(clientRegistrationRepository())
            .loginProcessingUrl(AuthUtil.stripEndingSlashes(getPrefix()) + RemoteModuleAuthenticationImpl.AUTHENTICATION_REQUEST_PROCESSING_URL_SUFFIX_WITH_REG_ID)
            .authorizationRequestBaseUri(AuthUtil.stripEndingSlashes(getPrefix()) + RemoteModuleAuthenticationImpl.AUTHORIZATION_REQUEST_PROCESSING_URL_SUFFIX)
            .successHandler(getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler()));
    try {
        configurer.authenticationManager(new ProviderManager(Collections.emptyList(), authenticationManager()));
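    } catch (Exception e) {
        // The caught exception is not passed to the logger, and configuration
        // continues without the authentication manager set on the configurer.
        LOGGER.error("Couldn't initialize authentication manager for oidc module");
    }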
    getOrApply(http, configurer);
}
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) ProviderManager(org.springframework.security.authentication.ProviderManager) OidcLoginConfigurer(com.evolveum.midpoint.authentication.impl.oidc.OidcLoginConfigurer)

Example 3 with MidpointAuthenticationFailureHandler

Use of com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler in project midpoint by Evolveum.

In the class LoginFormModuleWebSecurityConfigurer, method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    http.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
    getOrApply(http, getMidpointFormLoginConfigurer())
            .loginPage("/login")
            .loginProcessingUrl(AuthUtil.stripEndingSlashes(getPrefix()) + "/spring_security_login")
            .failureHandler(new MidpointAuthenticationFailureHandler())
            .successHandler(getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler()))
            .permitAll();
    getOrApply(http, new MidpointExceptionHandlingConfigurer<>())
            .authenticationEntryPoint(new WicketLoginUrlAuthenticationEntryPoint("/login"));
    http.logout().clearAuthentication(true)
            .logoutRequestMatcher(getLogoutMatcher(http, getPrefix() + "/logout"))
            .invalidateHttpSession(true).deleteCookies("JSESSIONID")
            .logoutSuccessHandler(createLogoutHandler());
    if (Arrays.stream(environment.getActiveProfiles()).anyMatch(p -> p.equalsIgnoreCase("cas"))) {
        http.addFilterAt(casFilter, CasAuthenticationFilter.class);
        http.addFilterBefore(requestSingleLogoutFilter, LogoutFilter.class);
    }
    if (Arrays.stream(environment.getActiveProfiles()).anyMatch(p -> p.equalsIgnoreCase("ssoenv"))) {
        http.addFilterBefore(requestAttributeAuthenticationFilter, LogoutFilter.class);
    }
}
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) WicketLoginUrlAuthenticationEntryPoint(com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint) MidpointExceptionHandlingConfigurer(com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer)

Example 4 with MidpointAuthenticationFailureHandler

Use of com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler in project midpoint by Evolveum.

In the class SamlModuleWebSecurityConfigurer, method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    MidpointSaml2LoginConfigurer configurer = new MidpointSaml2LoginConfigurer<>(auditProvider);
    configurer.relyingPartyRegistrationRepository(relyingPartyRegistrations())
            .loginProcessingUrl(getConfiguration().getPrefixOfModule() + SamlModuleWebSecurityConfiguration.SSO_LOCATION_URL_SUFFIX)
            .successHandler(getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler()))
            .failureHandler(new MidpointAuthenticationFailureHandler());
    try {
        configurer.authenticationManager(new ProviderManager(Collections.emptyList(), authenticationManager()));
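    } catch (Exception e) {
        // The caught exception is not passed to the logger, and configuration
        // continues without the authentication manager set on the configurer.
        LOGGER.error("Couldn't initialize authentication manager for saml2 module");
    }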
    getOrApply(http, configurer);
    Saml2MetadataFilter filter = new Saml2MetadataFilter(
            new MidpointMetadataRelyingPartyRegistrationResolver(relyingPartyRegistrations()), new OpenSamlMetadataResolver());
    filter.setRequestMatcher(new AntPathRequestMatcher(getConfiguration().getPrefixOfModule() + "/metadata/*"));
    http.addFilterAfter(filter, Saml2WebSsoAuthenticationFilter.class);
}
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) Saml2MetadataFilter(org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter) ProviderManager(org.springframework.security.authentication.ProviderManager) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MidpointSaml2LoginConfigurer(com.evolveum.midpoint.authentication.impl.saml.MidpointSaml2LoginConfigurer) MidpointMetadataRelyingPartyRegistrationResolver(com.evolveum.midpoint.authentication.impl.saml.MidpointMetadataRelyingPartyRegistrationResolver) OpenSamlMetadataResolver(org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver)

Example 5 with MidpointAuthenticationFailureHandler

Use of com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler in project midpoint by Evolveum.

In the class HttpHeaderModuleWebSecurityConfigurer, method requestHeaderAuthenticationFilter.

private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() {
    MidpointRequestHeaderAuthenticationFilter filter = new MidpointRequestHeaderAuthenticationFilter();
    filter.setPrincipalRequestHeader(getConfiguration().getPrincipalRequestHeader());
    // A missing principal header does not raise an exception in the filter.
    filter.setExceptionIfHeaderMissing(false);
    filter.setAuthenticationManager(authenticationManager);
    // Failed header authentication is sent to the 401 error page.
    filter.setAuthenticationFailureHandler(new MidpointAuthenticationFailureHandler() {

        @Override
        protected String getPathAfterUnsuccessfulAuthentication(AuthenticationChannel authenticationChannel) {
            return "/error/401";
        }
    });
    MidPointAuthenticationSuccessHandler successHandler = new MidPointAuthenticationSuccessHandler() {

        @Override
        public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
            if (getRequestCache().getRequest(request, response) == null) {
                getRequestCache().saveRequest(request, response);
            }
            super.onAuthenticationSuccess(request, response, authentication);
        }
    };
    filter.setAuthenticationSuccessHandler(getObjectPostProcessor().postProcess(successHandler));
    filter.setSessionRegistry(getSessionRegistry());
    return filter;
}
Also used : MidPointAuthenticationSuccessHandler(com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationChannel(com.evolveum.midpoint.authentication.api.AuthenticationChannel) MidpointAuthenticationFailureHandler(com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler) Authentication(org.springframework.security.core.Authentication) MidpointRequestHeaderAuthenticationFilter(com.evolveum.midpoint.authentication.impl.filter.MidpointRequestHeaderAuthenticationFilter) HttpServletResponse(javax.servlet.http.HttpServletResponse)

Aggregations

MidPointAuthenticationSuccessHandler (com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler): 6
MidpointAuthenticationFailureHandler (com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler): 6
WicketLoginUrlAuthenticationEntryPoint (com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint): 3
MidpointExceptionHandlingConfigurer (com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer): 3
ProviderManager (org.springframework.security.authentication.ProviderManager): 2
AuthenticationChannel (com.evolveum.midpoint.authentication.api.AuthenticationChannel): 1
MailNonceAuthenticationFilter (com.evolveum.midpoint.authentication.impl.filter.MailNonceAuthenticationFilter): 1
MidpointRequestHeaderAuthenticationFilter (com.evolveum.midpoint.authentication.impl.filter.MidpointRequestHeaderAuthenticationFilter): 1
SecurityQuestionsAuthenticationFilter (com.evolveum.midpoint.authentication.impl.filter.SecurityQuestionsAuthenticationFilter): 1
MidpointFormLoginConfigurer (com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointFormLoginConfigurer): 1
OidcLoginConfigurer (com.evolveum.midpoint.authentication.impl.oidc.OidcLoginConfigurer): 1
MidpointMetadataRelyingPartyRegistrationResolver (com.evolveum.midpoint.authentication.impl.saml.MidpointMetadataRelyingPartyRegistrationResolver): 1
MidpointSaml2LoginConfigurer (com.evolveum.midpoint.authentication.impl.saml.MidpointSaml2LoginConfigurer): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
Authentication (org.springframework.security.core.Authentication): 1
OpenSamlMetadataResolver (org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver): 1
Saml2MetadataFilter (org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter): 1
AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher): 1