Use of jenkins.security.BasicHeaderProcessor in the jenkins project by jenkinsci.
From the class SecurityRealm, method createFilter.
/**
 * Builds the servlet {@link Filter} through which every incoming HTTP request
 * passes for authentication.
 *
 * <p>
 * This default implementation reads the authentication manager and remember-me
 * services from {@link #getSecurityComponents()} and assembles the filters in a
 * fixed order: the session security-context filter, the HTTP Basic header
 * processor, the authentication processing filter bound to
 * {@link #getAuthenticationGatewayUrl()}, the remember-me filter, and finally
 * whatever {@code commonFilters()} returns.
 * Subclasses may override this method to replace the sequence entirely; the
 * order is part of the authentication behaviour, so an override should be
 * reviewed with the same care as this method.
 *
 * <p>
 * Plugins that only want to contribute an additional {@link Filter} should use
 * {@link PluginServletFilter} instead.
 *
 * @param filterConfig servlet filter configuration; not read by this default implementation
 * @return a {@link ChainedServletFilter} wrapping the filters in the order described above
 * @since 1.271
 */
public Filter createFilter(FilterConfig filterConfig) {
    LOGGER.entering(SecurityRealm.class.getName(), "createFilter");
    SecurityComponents components = getSecurityComponents();
    List<Filter> chain = new ArrayList<>();

    // 1. Session-backed security context. The repository is told not to create
    //    sessions itself, so this filter alone does not hand a session to a
    //    request that arrives without one.
    HttpSessionSecurityContextRepository contextRepository = new HttpSessionSecurityContextRepository();
    contextRepository.setAllowSessionCreation(false);
    chain.add(new HttpSessionContextIntegrationFilter2(contextRepository));

    // 2. Handles any "Authorization: Basic ..." header that is sent.
    //    Basic credentials are only encoded, not encrypted, so they are
    //    protected in transit only when the connection itself is (TLS).
    BasicHeaderProcessor basicHeaderProcessor = new BasicHeaderProcessor();
    // A Basic auth failure (i.e. wrong credentials were sent) is answered with a
    // 401 challenge rather than a redirect to the login page: Basic auth clients
    // tend to be programs, which would not recognise the redirect to the form
    // page as a failure.
    BasicAuthenticationEntryPoint challenge = new BasicAuthenticationEntryPoint();
    challenge.setRealmName("Jenkins");
    basicHeaderProcessor.setAuthenticationEntryPoint(challenge);
    basicHeaderProcessor.setRememberMeServices(components.rememberMe2);
    chain.add(basicHeaderProcessor);

    // 3. Authentication processing filter for the authentication gateway URL.
    AuthenticationProcessingFilter2 loginFilter =
            new AuthenticationProcessingFilter2(getAuthenticationGatewayUrl());
    loginFilter.setAuthenticationManager(components.manager2);
    String fixationModeProperty = SecurityRealm.class.getName() + ".sessionFixationProtectionMode";
    if (SystemProperties.getInteger(fixationModeProperty, 1) == 1) {
        // Mode 1 is the default: the 'canonical' Spring Security protection.
        // See AuthenticationProcessingFilter2#successfulAuthentication for the
        // alternative used with any other value of the property.
        loginFilter.setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy());
    }
    loginFilter.setRememberMeServices(components.rememberMe2);
    // NOTE(review): the post-login redirect target is taken from the "from"
    // request parameter; validation of that value is not visible in this method
    // and is presumably done by AuthenticationSuccessHandler - confirm.
    final AuthenticationSuccessHandler onSuccess = new AuthenticationSuccessHandler();
    onSuccess.setTargetUrlParameter("from");
    loginFilter.setAuthenticationSuccessHandler(onSuccess);
    loginFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/loginError"));
    chain.add(loginFilter);

    // 4. Remember-me authentication, using the same manager and remember-me
    //    services as the filters above.
    chain.add(new RememberMeAuthenticationFilter(components.manager2, components.rememberMe2));

    // 5. Filters shared with other chains, appended last.
    chain.addAll(commonFilters());

    return new ChainedServletFilter(chain);
}