Examples with RequestHeaderAuthenticationFilter org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter used on opensource projects

Search in sources :

Example 1 with RequestHeaderAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter in project syndesis by syndesisio.

the class SecurityConfiguration method requestHeaderAuthenticationFilter.

@SuppressWarnings("PMD.SignatureDeclareThrowsException")
private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
    RequestHeaderAuthenticationFilter f = new RequestHeaderAuthenticationFilter();
    f.setPrincipalRequestHeader("X-Forwarded-User");
    f.setCredentialsRequestHeader("X-Forwarded-Access-Token");
    f.setAuthenticationManager(authenticationManager());
    f.setAuthenticationDetailsSource((AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) (request) -> new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(request, AuthorityUtils.createAuthorityList("ROLE_AUTHENTICATED")));
    f.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
    f.setExceptionIfHeaderMissing(false);
    return f;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AnonymousAuthenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter) PreAuthenticatedAuthenticationProvider(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) HttpMethod(org.springframework.http.HttpMethod) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Profile(org.springframework.context.annotation.Profile) PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) Configuration(org.springframework.context.annotation.Configuration) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler) Bean(org.springframework.context.annotation.Bean) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) PreAuthenticatedGrantedAuthoritiesUserDetailsService(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails) SimpleUrlAuthenticationFailureHandler(org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler)

Example 2 with RequestHeaderAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter in project spring-security by spring-projects.

the class RequestHeaderAuthenticationFilterTests method missingHeaderIsIgnoredIfExceptionIfHeaderMissingIsFalse.

@Test
public void missingHeaderIsIgnoredIfExceptionIfHeaderMissingIsFalse() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
    filter.setExceptionIfHeaderMissing(false);
    filter.setAuthenticationManager(createAuthenticationManager());
    filter.doFilter(request, response, chain);
}
Also used : RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 3 with RequestHeaderAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter in project spring-security by spring-projects.

the class RequestHeaderAuthenticationFilterTests method rejectsMissingHeader.

@Test
public void rejectsMissingHeader() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
    assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class).isThrownBy(() -> filter.doFilter(request, response, chain));
}
Also used : PreAuthenticatedCredentialsNotFoundException(org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 4 with RequestHeaderAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter in project spring-security by spring-projects.

the class RequestHeaderAuthenticationFilterTests method defaultsToUsingSiteminderHeader.

@Test
public void defaultsToUsingSiteminderHeader() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.addHeader("SM_USER", "cat");
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
    filter.setAuthenticationManager(createAuthenticationManager());
    filter.doFilter(request, response, chain);
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
    assertThat(SecurityContextHolder.getContext().getAuthentication().getName()).isEqualTo("cat");
    assertThat(SecurityContextHolder.getContext().getAuthentication().getCredentials()).isEqualTo("N/A");
}
Also used : RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 5 with RequestHeaderAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter in project spring-security by spring-projects.

the class RequestHeaderAuthenticationFilterTests method missingHeaderCausesException.

@Test
public void missingHeaderCausesException() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
    filter.setAuthenticationManager(createAuthenticationManager());
    assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class).isThrownBy(() -> filter.doFilter(request, response, chain));
}
Also used : PreAuthenticatedCredentialsNotFoundException(org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException) RequestHeaderAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

RequestHeaderAuthenticationFilter (org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter)8 Test (org.junit.jupiter.api.Test)7 MockFilterChain (org.springframework.mock.web.MockFilterChain)7 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)7 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)7 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)2 PreAuthenticatedCredentialsNotFoundException (org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 Bean (org.springframework.context.annotation.Bean)1 Configuration (org.springframework.context.annotation.Configuration)1 Profile (org.springframework.context.annotation.Profile)1 HttpMethod (org.springframework.http.HttpMethod)1 AuthenticationDetailsSource (org.springframework.security.authentication.AuthenticationDetailsSource)1 AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider)1 AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)1 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)1 EnableWebSecurity (org.springframework.security.config.annotation.web.configuration.EnableWebSecurity)1 WebSecurityConfigurerAdapter (org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter)1 SessionCreationPolicy (org.springframework.security.config.http.SessionCreationPolicy)1 Authentication (org.springframework.security.core.Authentication)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial