Use of org.apereo.cas.configuration.model.core.web.security.HttpHeadersRequestProperties in the project cas by apereo.
Class CasFiltersConfiguration, method responseHeadersSecurityFilter.
/**
 * Registers the servlet filter that applies CAS's configured security response headers.
 *
 * <p>The header settings are read from {@code casProperties.getHttpWebRequest().getHeader()}
 * and handed to a {@code RegisteredServiceResponseHeadersEnforcementFilter} as servlet init
 * parameters. Each on/off switch is always passed as the string {@code "true"} or
 * {@code "false"}. The header values themselves are passed only when they apply:
 * {@code XFrameOptions} and {@code XSSProtection} when their switch is on, and
 * {@code contentSecurityPolicy} when the configured policy is not blank.
 *
 * <p>NOTE(review): when no policy is configured, no {@code contentSecurityPolicy} parameter
 * reaches the filter. Whether the filter then emits any CSP header is not visible from this
 * method; confirm against the filter if a CSP is expected on every response.
 *
 * <p>NOTE(review): the X-XSS-Protection header is ignored by current browsers, so it should
 * not be the only script-injection control; a content security policy is the setting to rely on.
 *
 * @return the registration bean named {@code responseHeadersSecurityFilter}, mapped to
 *         {@code /*} with async support enabled
 */
@RefreshScope
@Bean
public FilterRegistrationBean responseHeadersSecurityFilter() {
    final HttpHeadersRequestProperties headerSettings = casProperties.getHttpWebRequest().getHeader();
    final boolean frameOptionsOn = headerSettings.isXframe();
    final boolean xssProtectionOn = headerSettings.isXss();
    final String cspValue = headerSettings.getContentSecurityPolicy();

    final Map<String, String> filterParams = new HashMap<>();

    // Switches: always present, so the filter sees an explicit true/false for every header.
    filterParams.put("enableCacheControl", BooleanUtils.toStringTrueFalse(headerSettings.isCache()));
    filterParams.put("enableXContentTypeOptions", BooleanUtils.toStringTrueFalse(headerSettings.isXcontent()));
    filterParams.put("enableStrictTransportSecurity", BooleanUtils.toStringTrueFalse(headerSettings.isHsts()));
    filterParams.put("enableXFrameOptions", BooleanUtils.toStringTrueFalse(frameOptionsOn));
    filterParams.put("enableXSSProtection", BooleanUtils.toStringTrueFalse(xssProtectionOn));

    // Values: only supplied for headers that are switched on.
    // NOTE(review): both values are passed as configured, with no null/blank check here;
    // confirm the properties class supplies defaults.
    if (frameOptionsOn) {
        filterParams.put("XFrameOptions", headerSettings.getXframeOptions());
    }
    if (xssProtectionOn) {
        filterParams.put("XSSProtection", headerSettings.getXssOptions());
    }

    // The CSP has no separate switch: a non-blank policy is what turns it on.
    if (StringUtils.isNotBlank(cspValue)) {
        filterParams.put("contentSecurityPolicy", cspValue);
    }

    final FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setName("responseHeadersSecurityFilter");
    registration.setFilter(new RegisteredServiceResponseHeadersEnforcementFilter(servicesManager, argumentExtractor));
    // "/*" puts every request path behind this filter.
    registration.setUrlPatterns(CollectionUtils.wrap("/*"));
    registration.setInitParameters(filterParams);
    registration.setAsyncSupported(true);
    return registration;
}