
Example 1 with SamlModuleWebSecurityConfiguration

Use of com.evolveum.midpoint.authentication.impl.module.configuration.SamlModuleWebSecurityConfiguration in the midPoint project by Evolveum.

From the class Saml2ModuleFactory, method createModuleFilter.

/**
 * Assembles the SAML2 authentication module for one authentication sequence: builds the
 * module configuration, registers a {@code Saml2Provider}, constructs the Spring Security
 * filter chain and narrows the path on which the SAML authentication-request filter reacts.
 *
 * @param moduleType            module definition; must be a {@code Saml2AuthenticationModuleType}
 * @param sequenceSuffix        suffix of the authentication sequence, stored in the configuration
 * @param request               current servlet request; used to resolve the public URL prefix
 *                              and to create the empty module authentication
 * @param sharedObjects         objects copied onto the new {@code HttpSecurity}
 * @param authenticationsPolicy not read by this method
 * @param credentialPolicy      not read by this method
 * @param authenticationChannel channel passed to {@code isSupportedChannel}
 * @return the built module, or {@code null} when {@code moduleType} is not a SAML2 module type;
 *         callers have to treat {@code null} as "module not created" so that a mis-typed
 *         definition does not silently drop this authentication step
 * @throws Exception propagated from the configuration and filter-chain construction
 */
@Override
public AuthModule createModuleFilter(
        AbstractAuthenticationModuleType moduleType,
        String sequenceSuffix,
        ServletRequest request,
        Map<Class<?>, Object> sharedObjects,
        AuthenticationModulesType authenticationsPolicy,
        CredentialsPolicyType credentialPolicy,
        AuthenticationChannel authenticationChannel) throws Exception {
    // Guard clause: this factory handles SAML2 module definitions only.
    boolean samlDefinition = moduleType instanceof Saml2AuthenticationModuleType;
    if (!samlDefinition) {
        LOGGER.error("This factory support only Saml2AuthenticationModuleType, but modelType is " + moduleType);
        return null;
    }
    Saml2AuthenticationModuleType samlModuleType = (Saml2AuthenticationModuleType) moduleType;

    // NOTE(review): no result is consumed here, so an unsupported channel is rejected only if
    // isSupportedChannel throws - confirm against its definition.
    isSupportedChannel(authenticationChannel);

    // The protector is installed through a static setter, i.e. class-wide state rewritten on
    // every call. NOTE(review): presumably used to decrypt key material in the module
    // definition - confirm, and confirm every factory instance supplies the same protector.
    SamlModuleWebSecurityConfiguration.setProtector(getProtector());

    // NOTE(review): the public URL prefix is resolved with the request as input; verify it comes
    // from configured settings rather than client-controlled headers, since the SAML endpoints
    // of this module are derived from it.
    SamlModuleWebSecurityConfiguration samlConfiguration = SamlModuleWebSecurityConfiguration.build(
            samlModuleType, sequenceSuffix, getPublicUrlPrefix(request), request);
    samlConfiguration.setSequenceSuffix(sequenceSuffix);
    samlConfiguration.addAuthenticationProvider(
            getObjectObjectPostProcessor().postProcess(new Saml2Provider()));

    SamlModuleWebSecurityConfigurer<SamlModuleWebSecurityConfiguration> configurer =
            getObjectObjectPostProcessor().postProcess(new SamlModuleWebSecurityConfigurer<>(samlConfiguration));
    HttpSecurity httpSecurity = getNewHttpSecurity(configurer);
    setSharedObjects(httpSecurity, sharedObjects);

    ModuleAuthenticationImpl authentication = createEmptyModuleAuthentication(samlConfiguration, request);
    authentication.setFocusType(moduleType.getFocusType());

    SecurityFilterChain chain = httpSecurity.build();

    // Only the first Saml2WebSsoAuthenticationRequestFilter in the chain is adjusted: its
    // redirect matcher is replaced by one scoped to this module's prefix plus the
    // registration-id URL suffix.
    for (Filter candidate : chain.getFilters()) {
        if (!(candidate instanceof Saml2WebSsoAuthenticationRequestFilter)) {
            continue;
        }
        Saml2WebSsoAuthenticationRequestFilter requestFilter = (Saml2WebSsoAuthenticationRequestFilter) candidate;
        requestFilter.setRedirectMatcher(new AntPathRequestMatcher(
                configurer.getPrefix() + RemoteModuleAuthenticationImpl.AUTHENTICATION_REQUEST_PROCESSING_URL_SUFFIX_WITH_REG_ID));
        break;
    }

    return AuthModuleImpl.build(chain, samlConfiguration, authentication);
}
Also used : SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl) ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl) RemoteModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.RemoteModuleAuthenticationImpl) Saml2WebSsoAuthenticationRequestFilter(org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter) Saml2Provider(com.evolveum.midpoint.authentication.impl.provider.Saml2Provider) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Saml2WebSsoAuthenticationRequestFilter(org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter) Filter(javax.servlet.Filter) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) SamlModuleWebSecurityConfiguration(com.evolveum.midpoint.authentication.impl.module.configuration.SamlModuleWebSecurityConfiguration)
