Examples with ChannelProcessingFilter - org.springframework.security.web.access.channel.ChannelProcessingFilter

Example 1 with ChannelProcessingFilter

use of org.springframework.security.web.access.channel.ChannelProcessingFilter in project motech by motech.

the class SecurityRuleBuilder method addSecureChannel.

private void addSecureChannel(List<Filter> filters, Protocol protocol) {
    ChannelProcessingFilter channelProcessingFilter = new ChannelProcessingFilter();
    channelProcessingFilter.setChannelDecisionManager(channelDecisionManager);
    RequestMatcher anyRequest = AnyRequestMatcher.INSTANCE;
    LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
    Collection<ConfigAttribute> configAtts = new ArrayList<>();
    switch(protocol) {
        case HTTP:
            configAtts.add(new SecurityConfig("ANY_CHANNEL"));
            break;
        case HTTPS:
            configAtts.add(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
            break;
        default:
    }
    requestMap.put(anyRequest, configAtts);
    FilterInvocationSecurityMetadataSource securityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
    channelProcessingFilter.setSecurityMetadataSource(securityMetadataSource);
    filters.add(channelProcessingFilter);
}

Also used : ChannelProcessingFilter(org.springframework.security.web.access.channel.ChannelProcessingFilter) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AnyRequestMatcher(org.springframework.security.web.util.matcher.AnyRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) ArrayList(java.util.ArrayList) Collection(java.util.Collection) DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource) DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource) FilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

ArrayList (java.util.ArrayList)1 Collection (java.util.Collection)1 LinkedHashMap (java.util.LinkedHashMap)1 ConfigAttribute (org.springframework.security.access.ConfigAttribute)1 SecurityConfig (org.springframework.security.access.SecurityConfig)1 ChannelProcessingFilter (org.springframework.security.web.access.channel.ChannelProcessingFilter)1 DefaultFilterInvocationSecurityMetadataSource (org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource)1 FilterInvocationSecurityMetadataSource (org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource)1 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)1 AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher)1 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)1