Examples with AuthenticationDetailsSource org.springframework.security.authentication.AuthenticationDetailsSource used on opensource projects

Search in sources :

Example 1 with AuthenticationDetailsSource

use of org.springframework.security.authentication.AuthenticationDetailsSource in project syndesis by syndesisio.

the class SecurityConfiguration method requestHeaderAuthenticationFilter.

@SuppressWarnings("PMD.SignatureDeclareThrowsException")
private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
    RequestHeaderAuthenticationFilter f = new RequestHeaderAuthenticationFilter();
    f.setPrincipalRequestHeader("X-Forwarded-User");
    f.setCredentialsRequestHeader("X-Forwarded-Access-Token");
    f.setAuthenticationManager(authenticationManager());
    f.setAuthenticationDetailsSource((AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) (request) -> new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(request, AuthorityUtils.createAuthorityList("ROLE_AUTHENTICATED")));
    f.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
    f.setExceptionIfHeaderMissing(false);
    return f;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AnonymousAuthenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter) PreAuthenticatedAuthenticationProvider(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) HttpMethod(org.springframework.http.HttpMethod) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Profile(org.springframework.context.annotation.Profile) PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) Configuration(org.springframework.context.annotation.Configuration) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler) Bean(org.springframework.context.annotation.Bean) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) PreAuthenticatedGrantedAuthoritiesUserDetailsService(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails) SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)

Example 2 with AuthenticationDetailsSource

use of org.springframework.security.authentication.AuthenticationDetailsSource in project spring-security by spring-projects.

the class MiscHttpConfigTests method loginWhenUsingCustomAuthenticationDetailsSourceRefThenAuthenticationSourcesDetailsAccordingly.

@Test
public void loginWhenUsingCustomAuthenticationDetailsSourceRefThenAuthenticationSourcesDetailsAccordingly() throws Exception {
    this.spring.configLocations(xml("CustomAuthenticationDetailsSourceRef")).autowire();
    Object details = mock(Object.class);
    AuthenticationDetailsSource source = this.spring.getContext().getBean(AuthenticationDetailsSource.class);
    given(source.buildDetails(any(Object.class))).willReturn(details);
    RequestPostProcessor x509 = x509("classpath:org/springframework/security/config/http/MiscHttpConfigTests-certificate.pem");
    // @formatter:off
    this.mvc.perform(get("/details").with(userCredentials())).andExpect(content().string(details.getClass().getName()));
    this.mvc.perform(get("/details").with(x509)).andExpect(content().string(details.getClass().getName()));
    MockHttpServletRequestBuilder loginRequest = post("/login").param("username", "user").param("password", "password").with(csrf());
    MockHttpSession session = (MockHttpSession) this.mvc.perform(loginRequest).andReturn().getRequest().getSession(false);
    this.mvc.perform(get("/details").session(session)).andExpect(content().string(details.getClass().getName()));
// @formatter:on
}
Also used : AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) RequestPostProcessor(org.springframework.test.web.servlet.request.RequestPostProcessor) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) MockHttpSession(org.springframework.mock.web.MockHttpSession) Test(org.junit.jupiter.api.Test)

Example 3 with AuthenticationDetailsSource

use of org.springframework.security.authentication.AuthenticationDetailsSource in project spring-security by spring-projects.

the class AbstractRememberMeServicesTests method setAndGetAreConsistent.

@Test
public void setAndGetAreConsistent() throws Exception {
    MockRememberMeServices services = new MockRememberMeServices(this.uds);
    assertThat(services.getCookieName()).isNotNull();
    assertThat(services.getParameter()).isNotNull();
    assertThat(services.getKey()).isEqualTo("xxxx");
    services.setParameter("rm");
    assertThat(services.getParameter()).isEqualTo("rm");
    services.setCookieName("kookie");
    assertThat(services.getCookieName()).isEqualTo("kookie");
    services.setTokenValiditySeconds(600);
    assertThat(services.getTokenValiditySeconds()).isEqualTo(600);
    assertThat(services.getUserDetailsService()).isSameAs(this.uds);
    AuthenticationDetailsSource ads = Mockito.mock(AuthenticationDetailsSource.class);
    services.setAuthenticationDetailsSource(ads);
    assertThat(services.getAuthenticationDetailsSource()).isSameAs(ads);
    services.afterPropertiesSet();
}
Also used : AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) Test(org.junit.jupiter.api.Test)

Example 4 with AuthenticationDetailsSource

use of org.springframework.security.authentication.AuthenticationDetailsSource in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationFilterTests method attemptAuthenticationAddsDetails.

@Test
public void attemptAuthenticationAddsDetails() {
    AuthenticationConverter authenticationConverter = mock(AuthenticationConverter.class);
    final Saml2AuthenticationToken token = TestSaml2AuthenticationTokens.token();
    given(authenticationConverter.convert(this.request)).willReturn(token);
    final AuthenticationDetailsSource authenticationDetailsSource = mock(AuthenticationDetailsSource.class);
    final WebAuthenticationDetails details = mock(WebAuthenticationDetails.class);
    given(authenticationDetailsSource.buildDetails(this.request)).willReturn(details);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, "/some/other/path/{registrationId}");
    this.filter.setAuthenticationManager((authentication) -> null);
    this.filter.setAuthenticationDetailsSource(authenticationDetailsSource);
    this.request.setPathInfo("/some/other/path/idp-registration-id");
    this.filter.attemptAuthentication(this.request, this.response);
    Assertions.assertEquals(details, token.getDetails());
}
Also used : AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 5 with AuthenticationDetailsSource

use of org.springframework.security.authentication.AuthenticationDetailsSource in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationFilterTests method attemptAuthenticationWhenAuthenticationNotAbstractAuthenticationTokenDoesNotAddDetails.

@Test
public void attemptAuthenticationWhenAuthenticationNotAbstractAuthenticationTokenDoesNotAddDetails() {
    AuthenticationConverter authenticationConverter = mock(AuthenticationConverter.class);
    final Authentication authenticationWithoutDetails = mock(Authentication.class);
    given(authenticationConverter.convert(this.request)).willReturn(authenticationWithoutDetails);
    final AuthenticationDetailsSource authenticationDetailsSource = mock(AuthenticationDetailsSource.class);
    this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, "/some/other/path/{registrationId}");
    this.filter.setAuthenticationManager((authentication) -> null);
    this.filter.setAuthenticationDetailsSource(authenticationDetailsSource);
    this.request.setPathInfo("/some/other/path/idp-registration-id");
    assertThatNoException().isThrownBy(() -> this.filter.attemptAuthentication(this.request, this.response));
    verifyNoInteractions(authenticationDetailsSource);
}
Also used : AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) Authentication(org.springframework.security.core.Authentication) Test(org.junit.jupiter.api.Test)

Aggregations

AuthenticationDetailsSource (org.springframework.security.authentication.AuthenticationDetailsSource)5 Test (org.junit.jupiter.api.Test)4 AuthenticationConverter (org.springframework.security.web.authentication.AuthenticationConverter)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 Bean (org.springframework.context.annotation.Bean)1 Configuration (org.springframework.context.annotation.Configuration)1 Profile (org.springframework.context.annotation.Profile)1 HttpMethod (org.springframework.http.HttpMethod)1 MockHttpSession (org.springframework.mock.web.MockHttpSession)1 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1 AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider)1 AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)1 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)1 EnableWebSecurity (org.springframework.security.config.annotation.web.configuration.EnableWebSecurity)1 WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter)1 SessionCreationPolicy (org.springframework.security.config.http.SessionCreationPolicy)1 Authentication (org.springframework.security.core.Authentication)1 AuthorityUtils (org.springframework.security.core.authority.AuthorityUtils)1 Saml2AuthenticationToken (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken)1 AnonymousAuthenticationFilter (org.springframework.security.web.authentication.AnonymousAuthenticationFilter)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial