Example 16 with AuthenticationManagerBuilder

Use of org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder in project spring-security by spring-projects.

Class AuthenticationManagerBuilderTests, method buildWhenParentThenIsConfigured.

@Test
public void buildWhenParentThenIsConfigured() throws Exception {
    ObjectPostProcessor<Object> opp = mock(ObjectPostProcessor.class);
    AuthenticationManager parent = mock(AuthenticationManager.class);
    AuthenticationManagerBuilder builder = new AuthenticationManagerBuilder(opp);
    builder.parentAuthenticationManager(parent);
    builder.build();
    assertThat(builder.isConfigured()).isTrue();
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) Test(org.junit.jupiter.api.Test)

Example 17 with AuthenticationManagerBuilder

Use of org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder in project credhub by cloudfoundry-incubator.

Class OAuth2Configuration, method authenticationManagerBuilder.

@Bean
public AuthenticationManagerBuilder authenticationManagerBuilder() {
    final ObjectPostProcessor<Object> objectPostProcessor = new ObjectPostProcessor<Object>() {

        @Override
        public <O extends Object> O postProcess(O object) {
            return object;
        }
    };
    final AuthenticationManagerBuilder authenticationManagerBuilder = new AuthenticationManagerBuilder(objectPostProcessor);
    authenticationManagerBuilder.parentAuthenticationManager(authenticationManager());
    return authenticationManagerBuilder;
}
Also used : ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) Bean(org.springframework.context.annotation.Bean)

Example 18 with AuthenticationManagerBuilder

Use of org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder in project shinyproxy by openanalytics.

Class LDAPAuthenticationBackend, method configureAuthenticationManagerBuilder.

@Override
public void configureAuthenticationManagerBuilder(AuthenticationManagerBuilder auth) throws Exception {
    LDAPProviderConfig[] configs = LDAPProviderConfig.loadAll(environment);
    for (LDAPProviderConfig cfg : configs) {
        LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> configurer = new LdapAuthenticationProviderConfigurer<>();
        String[] userDnPatterns = { cfg.userDnPattern };
        if (userDnPatterns[0] == null || userDnPatterns[0].isEmpty())
            userDnPatterns = new String[0];
        if (cfg.managerDn != null && cfg.managerDn.isEmpty())
            cfg.managerDn = null;
        // Manually instantiate contextSource so it can be passed into authoritiesPopulator below.
        DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(cfg.url);
        if (cfg.managerDn != null) {
            contextSource.setUserDn(cfg.managerDn);
            contextSource.setPassword(cfg.managerPassword);
        }
        if (Boolean.valueOf(cfg.startTLS) || STARTTLS_SIMPLE.equalsIgnoreCase(cfg.startTLS)) {
            // Explicitly disable connection pooling, or Spring may attempt to StartTLS twice on the same connection.
            contextSource.setPooled(false);
            contextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
        } else if (STARTTLS_EXTERNAL.equalsIgnoreCase(cfg.startTLS)) {
            contextSource.setAuthenticationStrategy(new ExternalTlsDirContextAuthenticationStrategy());
        }
        contextSource.afterPropertiesSet();
        // Manually instantiate authoritiesPopulator because it uses a customized class.
        CNLdapAuthoritiesPopulator authoritiesPopulator = new CNLdapAuthoritiesPopulator(contextSource, cfg.groupSearchBase);
        authoritiesPopulator.setGroupRoleAttribute("cn");
        authoritiesPopulator.setGroupSearchFilter(cfg.groupSearchFilter);
        configurer
            .userDnPatterns(userDnPatterns)
            .userSearchBase(cfg.userSearchBase)
            .userSearchFilter(cfg.userSearchFilter)
            .ldapAuthoritiesPopulator(authoritiesPopulator)
            .contextSource(contextSource)
            .configure(auth);
    }
}
Also used : DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) ExternalTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.ExternalTlsDirContextAuthenticationStrategy) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) LdapAuthenticationProviderConfigurer(org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer) DefaultTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy)

Example 19 with AuthenticationManagerBuilder

Use of org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder in project spring-security-oauth by spring-projects.

Class AuthorizationServerSecurityConfigurer, method init.

@Override
public void init(HttpSecurity http) throws Exception {
    registerDefaultAuthenticationEntryPoint(http);
    AuthenticationManagerBuilder builder = http.getSharedObject(AuthenticationManagerBuilder.class);
    if (authenticationEventPublisher != null) {
        builder.authenticationEventPublisher(authenticationEventPublisher);
    }
    if (authenticationProviders.isEmpty()) {
        if (passwordEncoder != null) {
            builder.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService())).passwordEncoder(passwordEncoder());
        } else {
            builder.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService()));
        }
    } else {
        for (AuthenticationProvider provider : authenticationProviders) {
            builder.authenticationProvider(provider);
        }
    }
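    // Client authentication on these endpoints is stateless: no SecurityContext is stored
    // between requests, and clients authenticate with HTTP Basic on every call.
    http
        .securityContext().securityContextRepository(new NullSecurityContextRepository())
        .and()
        .csrf().disable()
        .httpBasic().authenticationEntryPoint(this.authenticationEntryPoint).realmName(realm);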
    if (sslOnly) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
}
Also used : AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) NullSecurityContextRepository(org.springframework.security.web.context.NullSecurityContextRepository) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) DaoAuthenticationProvider(org.springframework.security.authentication.dao.DaoAuthenticationProvider) ClientDetailsUserDetailsService(org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService)

Example 20 with AuthenticationManagerBuilder

Use of org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder in project gravitee-management-rest-api by gravitee-io.

Class BasicSecurityConfigurerAdapter, method configure.

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    LOGGER.info("--------------------------------------------------------------");
    LOGGER.info("Management API BasicSecurity Config");
    LOGGER.info("Loading authentication identity providers for Basic authentication");
    List<io.gravitee.rest.api.security.authentication.AuthenticationProvider> providers = authenticationProviderManager.getIdentityProviders()
        .stream()
        .filter(authenticationProvider -> !authenticationProvider.external())
        .collect(Collectors.toList());
    for (io.gravitee.rest.api.security.authentication.AuthenticationProvider provider : providers) {
        LOGGER.info("Loading authentication provider of type {} at position {}", provider.type(), provider.index());
        boolean found = false;
        Collection<IdentityProvider> identityProviders = identityProviderManager.getAll();
        for (IdentityProvider identityProvider : identityProviders) {
            if (identityProvider.type().equalsIgnoreCase(provider.type())) {
                AuthenticationProvider authenticationProviderPlugin = identityProviderManager.loadIdentityProvider(identityProvider.type(), provider.configuration());
                if (authenticationProviderPlugin != null) {
                    Object authenticationProvider = authenticationProviderPlugin.configure();
                    if (authenticationProvider instanceof org.springframework.security.authentication.AuthenticationProvider) {
                        auth.authenticationProvider((org.springframework.security.authentication.AuthenticationProvider) authenticationProvider);
                    } else if (authenticationProvider instanceof SecurityConfigurer) {
                        auth.apply((SecurityConfigurer) authenticationProvider);
                    }
                    found = true;
                    break;
                }
            }
        }
        if (!found) {
            LOGGER.error("No authentication provider found for type: {}", provider.type());
        }
    }
    LOGGER.info("--------------------------------------------------------------");
}
Also used : TokenService(io.gravitee.rest.api.service.TokenService) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) CookieCsrfSignedTokenRepository(io.gravitee.rest.api.security.csrf.CookieCsrfSignedTokenRepository) HeadersConfigurer(org.springframework.security.config.annotation.web.configurers.HeadersConfigurer) AuthoritiesProvider(io.gravitee.rest.api.security.utils.AuthoritiesProvider) CorsConfigurationSource(org.springframework.web.cors.CorsConfigurationSource) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) CookieGenerator(io.gravitee.rest.api.security.cookies.CookieGenerator) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) UserService(io.gravitee.rest.api.service.UserService) CsrfRequestMatcher(io.gravitee.rest.api.security.csrf.CsrfRequestMatcher) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) AuthenticationSuccessListener(io.gravitee.rest.api.security.listener.AuthenticationSuccessListener) AuthenticationProviderManager(io.gravitee.rest.api.security.authentication.AuthenticationProviderManager) ParameterService(io.gravitee.rest.api.service.ParameterService) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) Logger(org.slf4j.Logger) RecaptchaFilter(io.gravitee.rest.api.security.filter.RecaptchaFilter) Collection(java.util.Collection) CsrfFilter(org.springframework.security.web.csrf.CsrfFilter) 
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) HttpMethod(org.springframework.http.HttpMethod) IdentityProviderManager(io.gravitee.rest.api.idp.core.plugin.IdentityProviderManager) CsrfIncludeFilter(io.gravitee.rest.api.security.filter.CsrfIncludeFilter) IdentityProvider(io.gravitee.rest.api.idp.api.IdentityProvider) Collectors(java.util.stream.Collectors) Profile(org.springframework.context.annotation.Profile) Configuration(org.springframework.context.annotation.Configuration) AuthenticationFailureListener(io.gravitee.rest.api.security.listener.AuthenticationFailureListener) List(java.util.List) EventManager(io.gravitee.common.event.EventManager) TokenAuthenticationFilter(io.gravitee.rest.api.security.filter.TokenAuthenticationFilter) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) GraviteeAuthenticationDetails(io.gravitee.rest.api.security.authentication.GraviteeAuthenticationDetails) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) AuthenticationProvider(io.gravitee.rest.api.idp.api.authentication.AuthenticationProvider) Bean(org.springframework.context.annotation.Bean) ReCaptchaService(io.gravitee.rest.api.service.ReCaptchaService) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) AuthenticationProvider(io.gravitee.rest.api.idp.api.authentication.AuthenticationProvider) IdentityProvider(io.gravitee.rest.api.idp.api.IdentityProvider)

Aggregations

AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder): 22
Test (org.junit.jupiter.api.Test): 7
Bean (org.springframework.context.annotation.Bean): 6
HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity): 5
Autowired (org.springframework.beans.factory.annotation.Autowired): 4
AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider): 4
Collection (java.util.Collection): 3
List (java.util.List): 3
Collectors (java.util.stream.Collectors): 3
Logger (org.slf4j.Logger): 3
LoggerFactory (org.slf4j.LoggerFactory): 3
Configuration (org.springframework.context.annotation.Configuration): 3
Profile (org.springframework.context.annotation.Profile): 3
ConfigurableEnvironment (org.springframework.core.env.ConfigurableEnvironment): 3
HttpMethod (org.springframework.http.HttpMethod): 3
DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource): 3
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 2
EventManager (io.gravitee.common.event.EventManager): 2
IdentityProvider (io.gravitee.rest.api.idp.api.IdentityProvider): 2
IdentityProviderManager (io.gravitee.rest.api.idp.core.plugin.IdentityProviderManager): 2