Examples with HttpSessionSecurityContextRepository org.springframework.security.web.context.HttpSessionSecurityContextRepository used on opensource projects

Search in sources :

Example 1 with HttpSessionSecurityContextRepository

use of org.springframework.security.web.context.HttpSessionSecurityContextRepository in project motech by motech.

the class SecurityRuleBuilder method addFilters.

private List<Filter> addFilters(MotechURLSecurityRule securityRule) throws ServletException {
    List<Filter> filters = new ArrayList<>();
    SecurityContextRepository contextRepository = new HttpSessionSecurityContextRepository();
    RequestCache requestCache = new HttpSessionRequestCache();
    addSecureChannel(filters, securityRule.getProtocol());
    addSecurityContextPersistenceFilter(filters, contextRepository);
    addLogoutFilter(filters, securityRule);
    addAuthenticationFilters(filters, securityRule);
    addRequestCacheFilter(filters, requestCache);
    addSecurityContextHolderAwareRequestFilter(filters);
    addAnonymousAuthenticationFilter(filters);
    addSessionManagementFilter(filters, contextRepository);
    addExceptionTranslationFilter(filters, requestCache, securityRule.isRest());
    addFilterSecurityInterceptor(filters, securityRule);
    return filters;
}
Also used : HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) OpenIDAuthenticationFilter(org.springframework.security.openid.OpenIDAuthenticationFilter) SessionManagementFilter(org.springframework.security.web.session.SessionManagementFilter) Filter(javax.servlet.Filter) ChannelProcessingFilter(org.springframework.security.web.access.channel.ChannelProcessingFilter) ExceptionTranslationFilter(org.springframework.security.web.access.ExceptionTranslationFilter) UsernamePasswordAuthenticationFilter(org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter) SecurityContextPersistenceFilter(org.springframework.security.web.context.SecurityContextPersistenceFilter) LogoutFilter(org.springframework.security.web.authentication.logout.LogoutFilter) AnonymousAuthenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) SecurityContextHolderAwareRequestFilter(org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter) RequestCacheAwareFilter(org.springframework.security.web.savedrequest.RequestCacheAwareFilter) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) RequestCache(org.springframework.security.web.savedrequest.RequestCache) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) ArrayList(java.util.ArrayList) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository)

Example 2 with HttpSessionSecurityContextRepository

use of org.springframework.security.web.context.HttpSessionSecurityContextRepository in project spring-security by spring-projects.

the class SecurityContextConfigurer method configure.

@Override
@SuppressWarnings("unchecked")
public void configure(H http) {
    SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
    if (securityContextRepository == null) {
        securityContextRepository = new HttpSessionSecurityContextRepository();
    }
    SecurityContextPersistenceFilter securityContextFilter = new SecurityContextPersistenceFilter(securityContextRepository);
    SessionManagementConfigurer<?> sessionManagement = http.getConfigurer(SessionManagementConfigurer.class);
    SessionCreationPolicy sessionCreationPolicy = (sessionManagement != null) ? sessionManagement.getSessionCreationPolicy() : null;
    if (SessionCreationPolicy.ALWAYS == sessionCreationPolicy) {
        securityContextFilter.setForceEagerSessionCreation(true);
    }
    securityContextFilter = postProcess(securityContextFilter);
    http.addFilter(securityContextFilter);
}
Also used : SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) SecurityContextPersistenceFilter(org.springframework.security.web.context.SecurityContextPersistenceFilter)

Example 3 with HttpSessionSecurityContextRepository

use of org.springframework.security.web.context.HttpSessionSecurityContextRepository in project spring-security by spring-projects.

the class SessionManagementConfigurer method init.

@Override
public void init(H http) {
    SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
    boolean stateless = isStateless();
    if (securityContextRepository == null) {
        if (stateless) {
            http.setSharedObject(SecurityContextRepository.class, new NullSecurityContextRepository());
        } else {
            HttpSessionSecurityContextRepository httpSecurityRepository = new HttpSessionSecurityContextRepository();
            httpSecurityRepository.setDisableUrlRewriting(!this.enableSessionUrlRewriting);
            httpSecurityRepository.setAllowSessionCreation(isAllowSessionCreation());
            AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
            if (trustResolver != null) {
                httpSecurityRepository.setTrustResolver(trustResolver);
            }
            http.setSharedObject(SecurityContextRepository.class, httpSecurityRepository);
        }
    }
    RequestCache requestCache = http.getSharedObject(RequestCache.class);
    if (requestCache == null) {
        if (stateless) {
            http.setSharedObject(RequestCache.class, new NullRequestCache());
        }
    }
    http.setSharedObject(SessionAuthenticationStrategy.class, getSessionAuthenticationStrategy(http));
    http.setSharedObject(InvalidSessionStrategy.class, getInvalidSessionStrategy());
}
Also used : HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) NullSecurityContextRepository(org.springframework.security.web.context.NullSecurityContextRepository) RequestCache(org.springframework.security.web.savedrequest.RequestCache) NullRequestCache(org.springframework.security.web.savedrequest.NullRequestCache) AuthenticationTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver) NullSecurityContextRepository(org.springframework.security.web.context.NullSecurityContextRepository) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) NullRequestCache(org.springframework.security.web.savedrequest.NullRequestCache)

Example 4 with HttpSessionSecurityContextRepository

use of org.springframework.security.web.context.HttpSessionSecurityContextRepository in project spring-security by spring-projects.

the class SessionManagementConfigServlet31Tests method login.

private void login(Authentication auth) {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(this.request, this.response);
    repo.loadContext(requestResponseHolder);
    SecurityContextImpl securityContextImpl = new SecurityContextImpl();
    securityContextImpl.setAuthentication(auth);
    repo.saveContext(securityContextImpl, requestResponseHolder.getRequest(), requestResponseHolder.getResponse());
}
Also used : HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository)

Example 5 with HttpSessionSecurityContextRepository

use of org.springframework.security.web.context.HttpSessionSecurityContextRepository in project spring-security by spring-projects.

the class SessionManagementConfigurerServlet31Tests method login.

private void login(Authentication auth) {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(this.request, this.response);
    repo.loadContext(requestResponseHolder);
    SecurityContextImpl securityContextImpl = new SecurityContextImpl();
    securityContextImpl.setAuthentication(auth);
    repo.saveContext(securityContextImpl, requestResponseHolder.getRequest(), requestResponseHolder.getResponse());
}
Also used : HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository)

Aggregations

HttpSessionSecurityContextRepository (org.springframework.security.web.context.HttpSessionSecurityContextRepository)6 SecurityContextRepository (org.springframework.security.web.context.SecurityContextRepository)3 AuthenticationTrustResolver (org.springframework.security.authentication.AuthenticationTrustResolver)2 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)2 HttpRequestResponseHolder (org.springframework.security.web.context.HttpRequestResponseHolder)2 SecurityContextPersistenceFilter (org.springframework.security.web.context.SecurityContextPersistenceFilter)2 RequestCache (org.springframework.security.web.savedrequest.RequestCache)2 MidpointSecurityContext (com.evolveum.midpoint.authentication.impl.MidpointSecurityContext)1 ArrayList (java.util.ArrayList)1 Filter (javax.servlet.Filter)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 SessionCreationPolicy (org.springframework.security.config.http.SessionCreationPolicy)1 SecurityContext (org.springframework.security.core.context.SecurityContext)1 OpenIDAuthenticationFilter (org.springframework.security.openid.OpenIDAuthenticationFilter)1 ExceptionTranslationFilter (org.springframework.security.web.access.ExceptionTranslationFilter)1 ChannelProcessingFilter (org.springframework.security.web.access.channel.ChannelProcessingFilter)1 AnonymousAuthenticationFilter (org.springframework.security.web.authentication.AnonymousAuthenticationFilter)1 UsernamePasswordAuthenticationFilter (org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter)1 LogoutFilter (org.springframework.security.web.authentication.logout.LogoutFilter)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial