Example 11 with LoginUrlAuthenticationEntryPoint
use of org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint in project midpoint by Evolveum.
the class MidpointSaml2LoginConfigurer method init.
public void init(B http) throws Exception {
Saml2AuthenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter((RelyingPartyRegistrationResolver) new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository));
this.saml2WebSsoAuthenticationFilter = new MidpointSaml2WebSsoAuthenticationFilter(authenticationConverter, this.loginProcessingUrl, auditProvider);
this.setAuthenticationFilter(this.saml2WebSsoAuthenticationFilter);
super.loginProcessingUrl(this.loginProcessingUrl);
Map<String, String> providerUrlMap = this.getIdentityProviderUrlMap(this.relyingPartyRegistrationRepository);
boolean singleProvider = providerUrlMap.size() == 1;
if (singleProvider) {
this.updateAuthenticationDefaults();
this.updateAccessDefaults(http);
String loginUrl = (String) ((Map.Entry) providerUrlMap.entrySet().iterator().next()).getKey();
LoginUrlAuthenticationEntryPoint entryPoint = new LoginUrlAuthenticationEntryPoint(loginUrl);
this.registerAuthenticationEntryPoint(http, entryPoint);
} else {
super.init(http);
}
}
Also used :
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)
Example 12 with LoginUrlAuthenticationEntryPoint
use of org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint in project OsmAnd-tools by osmandapp.
the class WebSecurityConfiguration method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
// http.csrf().disable().antMatcher("/**");
// 1. CSRF
Set<String> enabledMethods = new TreeSet<>(Arrays.asList("GET", "HEAD", "TRACE", "OPTIONS", "POST", "DELETE"));
http.csrf().requireCsrfProtectionMatcher(new RequestMatcher() {
@Override
public boolean matches(HttpServletRequest request) {
String method = request.getMethod();
if (method != null && !enabledMethods.contains(method)) {
String url = request.getServletPath();
if (request.getPathInfo() != null) {
url += request.getPathInfo();
}
if (url.startsWith("/api/") || url.startsWith("/subscription/")) {
return false;
}
return true;
}
return false;
}
}).csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
http.cors().configurationSource(corsConfigurationSource());
http.authorizeRequests().antMatchers("/actuator/**", "/admin/**").hasAuthority(ROLE_ADMIN).antMatchers("/mapapi/auth/**").permitAll().antMatchers("/mapapi/**").hasAuthority(ROLE_PRO_USER).anyRequest().permitAll();
http.oauth2Login().userInfoEndpoint().userService(oauthGithubUserService());
// SEE MapApiController.loginForm to test form
// http.formLogin().loginPage("/mapapi/auth/loginForm").
// loginProcessingUrl("/mapapi/auth/loginProcess").defaultSuccessUrl("/map/loginSuccess");
LoginUrlAuthenticationEntryPoint mapLogin = new LoginUrlAuthenticationEntryPoint("/map/loginForm");
if (getApplicationContext().getEnvironment().acceptsProfiles(Profiles.of("production"))) {
mapLogin.setForceHttps(true);
}
http.exceptionHandling().defaultAuthenticationEntryPointFor(mapLogin, new AntPathRequestMatcher("/mapapi/**"));
http.rememberMe().tokenValiditySeconds(3600 * 24 * 14);
http.logout().deleteCookies("JSESSIONID").logoutSuccessUrl("/").logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll();
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
TreeSet(java.util.TreeSet)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)
Aggregations
LoginUrlAuthenticationEntryPoint (org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)12
AuthenticationEntryPoint (org.springframework.security.web.AuthenticationEntryPoint)4
AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)4
RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)4
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)4
LinkedHashMap (java.util.LinkedHashMap)3
HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)3
DelegatingAuthenticationEntryPoint (org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint)3
AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)3
MediaTypeRequestMatcher (org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)3
NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)3
OrRequestMatcher (org.springframework.security.web.util.matcher.OrRequestMatcher)3
Map (java.util.Map)2
BeanMetadataElement (org.springframework.beans.BeanMetadataElement)2
ExceptionTranslationFilter (org.springframework.security.web.access.ExceptionTranslationFilter)2
FilterSecurityInterceptor (org.springframework.security.web.access.intercept.FilterSecurityInterceptor)2
AnonymousAuthenticationFilter (org.springframework.security.web.authentication.AnonymousAuthenticationFilter)2
Route (com.vaadin.flow.router.Route)1
Filter (jakarta.servlet.Filter)1
HashMap (java.util.HashMap)1
