Examples with AuthenticationEntryPoint - org.springframework.security.web.AuthenticationEntryPoint

Example 1 with AuthenticationEntryPoint

use of org.springframework.security.web.AuthenticationEntryPoint in project opennms by OpenNMS.

the class AntPatternBasedAuthenticationEntryPointChain method commence.

/**
 * {@inheritDoc}
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
    AuthenticationEntryPoint entryPoint = getAppropriateEntryPoint(request);
    entryPoint.commence(request, response, authException);
}

Also used : AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)

Example 2 with AuthenticationEntryPoint

use of org.springframework.security.web.AuthenticationEntryPoint in project atlas by apache.

the class AtlasSecurityConfig method getDelegatingAuthenticationEntryPoint.

public DelegatingAuthenticationEntryPoint getDelegatingAuthenticationEntryPoint() {
    LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPointMap = new LinkedHashMap<>();
    entryPointMap.put(new RequestHeaderRequestMatcher("User-Agent", "Mozilla"), atlasAuthenticationEntryPoint);
    DelegatingAuthenticationEntryPoint entryPoint = new DelegatingAuthenticationEntryPoint(entryPointMap);
    entryPoint.setDefaultEntryPoint(getAuthenticationEntryPoint());
    return entryPoint;
}

Also used : RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AtlasAuthenticationEntryPoint(org.apache.atlas.web.filters.AtlasAuthenticationEntryPoint) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) BasicAuthenticationEntryPoint(org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) LinkedHashMap(java.util.LinkedHashMap)

Example 3 with AuthenticationEntryPoint

use of org.springframework.security.web.AuthenticationEntryPoint in project spring-security by spring-projects.

the class ExceptionHandlingConfigurer method configure.

@Override
public void configure(H http) {
    AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http);
    ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(entryPoint, getRequestCache(http));
    AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http);
    exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler);
    exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
    http.addFilter(exceptionTranslationFilter);
}

Also used : AccessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler) RequestMatcherDelegatingAccessDeniedHandler(org.springframework.security.web.access.RequestMatcherDelegatingAccessDeniedHandler) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) ExceptionTranslationFilter(org.springframework.security.web.access.ExceptionTranslationFilter)

Example 4 with AuthenticationEntryPoint

use of org.springframework.security.web.AuthenticationEntryPoint in project spring-security by spring-projects.

the class OAuth2LoginBeanDefinitionParser method getLoginEntryPoint.

private Map<RequestMatcher, AuthenticationEntryPoint> getLoginEntryPoint(Element element) {
    Map<RequestMatcher, AuthenticationEntryPoint> entryPoints = null;
    Element clientRegsElt = DomUtils.getChildElementByTagName(element.getOwnerDocument().getDocumentElement(), Elements.CLIENT_REGISTRATIONS);
    if (clientRegsElt != null) {
        List<Element> clientRegList = DomUtils.getChildElementsByTagName(clientRegsElt, ELT_CLIENT_REGISTRATION);
        if (clientRegList.size() == 1) {
            RequestMatcher loginPageMatcher = new AntPathRequestMatcher(DEFAULT_LOGIN_URI);
            RequestMatcher faviconMatcher = new AntPathRequestMatcher("/favicon.ico");
            RequestMatcher defaultEntryPointMatcher = this.getAuthenticationEntryPointMatcher();
            RequestMatcher defaultLoginPageMatcher = new AndRequestMatcher(new OrRequestMatcher(loginPageMatcher, faviconMatcher), defaultEntryPointMatcher);
            RequestMatcher notXRequestedWith = new NegatedRequestMatcher(new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
            Element clientRegElt = clientRegList.get(0);
            entryPoints = new LinkedHashMap<>();
            entryPoints.put(new AndRequestMatcher(notXRequestedWith, new NegatedRequestMatcher(defaultLoginPageMatcher)), new LoginUrlAuthenticationEntryPoint(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + clientRegElt.getAttribute(ATT_REGISTRATION_ID)));
        }
    }
    return entryPoints;
}

Also used : NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) OrRequestMatcher(org.springframework.security.web.util.matcher.OrRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) BeanMetadataElement(org.springframework.beans.BeanMetadataElement) Element(org.w3c.dom.Element) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) OrRequestMatcher(org.springframework.security.web.util.matcher.OrRequestMatcher) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)

Example 5 with AuthenticationEntryPoint

use of org.springframework.security.web.AuthenticationEntryPoint in project spring-security by spring-projects.

the class DelegatingAuthenticationEntryPointTests method testSecondEntryPoint.

@Test
public void testSecondEntryPoint() throws Exception {
    AuthenticationEntryPoint firstAEP = mock(AuthenticationEntryPoint.class);
    RequestMatcher firstRM = mock(RequestMatcher.class);
    AuthenticationEntryPoint secondAEP = mock(AuthenticationEntryPoint.class);
    RequestMatcher secondRM = mock(RequestMatcher.class);
    given(firstRM.matches(this.request)).willReturn(false);
    given(secondRM.matches(this.request)).willReturn(true);
    this.entryPoints.put(firstRM, firstAEP);
    this.entryPoints.put(secondRM, secondAEP);
    this.daep.commence(this.request, null, null);
    verify(secondAEP).commence(this.request, null, null);
    verify(firstAEP, never()).commence(this.request, null, null);
    verify(this.defaultEntryPoint, never()).commence(this.request, null, null);
}

Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) Test(org.junit.jupiter.api.Test)

Aggregations

AuthenticationEntryPoint (org.springframework.security.web.AuthenticationEntryPoint)20 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)11 DelegatingAuthenticationEntryPoint (org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint)9 LinkedHashMap (java.util.LinkedHashMap)6 Test (org.junit.jupiter.api.Test)5 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)5 RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)5 LoginUrlAuthenticationEntryPoint (org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)4 BasicAuthenticationEntryPoint (org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint)4 InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException)3 AuthenticationException (org.springframework.security.core.AuthenticationException)3 ExceptionTranslationFilter (org.springframework.security.web.access.ExceptionTranslationFilter)3 AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)3 NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)3 OrRequestMatcher (org.springframework.security.web.util.matcher.OrRequestMatcher)3 GitHubAuthenticationEntryPoint (io.pivotal.cla.security.GitHubAuthenticationEntryPoint)2 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)2 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2