Search in sources :

Example 1 with RememberMeAuthenticationFilter

use of org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter in project spring-security by spring-projects.

the class RememberMeConfigurer method configure.

@Override
public void configure(H http) {
    RememberMeAuthenticationFilter rememberMeFilter = new RememberMeAuthenticationFilter(http.getSharedObject(AuthenticationManager.class), this.rememberMeServices);
    if (this.authenticationSuccessHandler != null) {
        rememberMeFilter.setAuthenticationSuccessHandler(this.authenticationSuccessHandler);
    }
    rememberMeFilter = postProcess(rememberMeFilter);
    http.addFilter(rememberMeFilter);
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter)

Example 2 with RememberMeAuthenticationFilter

use of org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter in project kylo by Teradata.

the class KerberosWebSecurityConfigurer method configure.

@Override
@SuppressWarnings("unchecked")
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http.removeConfigurer(LogoutConfigurer.class);
    http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().exceptionHandling().authenticationEntryPoint(spnegoEntryPoint).and().authorizeRequests().antMatchers("/**").authenticated().and().rememberMe().rememberMeServices(rememberMeServices).and().httpBasic().and().addFilterBefore(new RememberMeAuthenticationFilter(auth -> auth, rememberMeServices), BasicAuthenticationFilter.class).addFilterAfter(spnegoFilter(), RememberMeAuthenticationFilter.class).addFilterAfter(logoutFilter(), BasicAuthenticationFilter.class);
// @formatter:on
}
Also used : Order(org.springframework.core.annotation.Order) LogoutConfigurer(org.springframework.security.config.annotation.web.configurers.LogoutConfigurer) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) JaasAuthConfig(com.thinkbiganalytics.auth.jaas.config.JaasAuthConfig) SessionDestroyEventLogoutHandler(com.thinkbiganalytics.auth.config.SessionDestroyEventLogoutHandler) SpnegoEntryPoint(org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint) SpnegoValidationUserAuthenticationFilter(com.thinkbiganalytics.security.auth.kerberos.SpnegoValidationUserAuthenticationFilter) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) SimpleUrlLogoutSuccessHandler(org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler) Profile(org.springframework.context.annotation.Profile) Configuration(org.springframework.context.annotation.Configuration) Inject(javax.inject.Inject) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) KerberosServiceAuthenticationProvider(org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) LogoutSuccessHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) Bean(org.springframework.context.annotation.Bean) AbstractJaasAuthenticationProvider(org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider) Named(javax.inject.Named) RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter) RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter)

Example 3 with RememberMeAuthenticationFilter

use of org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter in project kylo by Teradata.

the class DefaultWebSecurityConfigurer method configure.

@Override
@SuppressWarnings("unchecked")
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http.removeConfigurer(LogoutConfigurer.class);
    http.authenticationProvider(this.authenticationProvider).csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().antMatchers("/**").authenticated().and().rememberMe().rememberMeServices(rememberMeServices).and().httpBasic().and().addFilterBefore(new JaasHttpCallbackHandlerFilter(), BasicAuthenticationFilter.class).addFilterBefore(new RememberMeAuthenticationFilter(auth -> auth, rememberMeServices), BasicAuthenticationFilter.class).addFilterAfter(logoutFilter(), BasicAuthenticationFilter.class);
// @formatter:on
}
Also used : RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) JaasHttpCallbackHandlerFilter(com.thinkbiganalytics.auth.jaas.http.JaasHttpCallbackHandlerFilter)

Example 4 with RememberMeAuthenticationFilter

use of org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter in project kylo by Teradata.

the class KerberosWebSecurityConfigurer method configure.

@Override
@SuppressWarnings("unchecked")
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http.removeConfigurer(LogoutConfigurer.class);
    http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().exceptionHandling().authenticationEntryPoint(spnegoEntryPoint).and().authorizeRequests().antMatchers("/login", "/login/**", "/login**").permitAll().antMatchers("/**").authenticated().and().formLogin().usernameParameter("username").passwordParameter("password").loginPage("/login.html").loginProcessingUrl("/login").failureUrl("/login.html?error=true").permitAll().and().logout().permitAll().and().rememberMe().rememberMeServices(rememberMeServices).and().addFilterBefore(new RememberMeAuthenticationFilter(auth -> auth, rememberMeServices), BasicAuthenticationFilter.class).addFilterAfter(spnegoFilter(), RememberMeAuthenticationFilter.class).httpBasic();
// @formatter:on
}
Also used : AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) Inject(javax.inject.Inject) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) KerberosServiceAuthenticationProvider(org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider) Named(javax.inject.Named) RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter) Order(org.springframework.core.annotation.Order) LogoutConfigurer(org.springframework.security.config.annotation.web.configurers.LogoutConfigurer) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) JaasAuthConfig(com.thinkbiganalytics.auth.jaas.config.JaasAuthConfig) WebSecurity(org.springframework.security.config.annotation.web.builders.WebSecurity) SessionDestroyEventLogoutHandler(com.thinkbiganalytics.auth.config.SessionDestroyEventLogoutHandler) SpnegoEntryPoint(org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint) SpnegoValidationUserAuthenticationFilter(com.thinkbiganalytics.security.auth.kerberos.SpnegoValidationUserAuthenticationFilter) SimpleUrlLogoutSuccessHandler(org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler) Profile(org.springframework.context.annotation.Profile) Configuration(org.springframework.context.annotation.Configuration) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) LogoutSuccessHandler(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler) Bean(org.springframework.context.annotation.Bean) AbstractJaasAuthenticationProvider(org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider) RememberMeAuthenticationFilter(org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter)

Aggregations

RememberMeAuthenticationFilter (org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter)4 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)3 BasicAuthenticationFilter (org.springframework.security.web.authentication.www.BasicAuthenticationFilter)3 SessionDestroyEventLogoutHandler (com.thinkbiganalytics.auth.config.SessionDestroyEventLogoutHandler)2 JaasAuthConfig (com.thinkbiganalytics.auth.jaas.config.JaasAuthConfig)2 SpnegoValidationUserAuthenticationFilter (com.thinkbiganalytics.security.auth.kerberos.SpnegoValidationUserAuthenticationFilter)2 Inject (javax.inject.Inject)2 Named (javax.inject.Named)2 Bean (org.springframework.context.annotation.Bean)2 Configuration (org.springframework.context.annotation.Configuration)2 Profile (org.springframework.context.annotation.Profile)2 Order (org.springframework.core.annotation.Order)2 AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider)2 AbstractJaasAuthenticationProvider (org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider)2 AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)2 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)2 EnableWebSecurity (org.springframework.security.config.annotation.web.configuration.EnableWebSecurity)2 LogoutConfigurer (org.springframework.security.config.annotation.web.configurers.LogoutConfigurer)2 SessionCreationPolicy (org.springframework.security.config.http.SessionCreationPolicy)2 KerberosServiceAuthenticationProvider (org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider)2