Search in sources :

Example 1 with WebAsyncManagerIntegrationFilter

use of org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter in project spring-security by spring-projects.

the class WebSecurityConfigurerAdapter method applyDefaultConfiguration.

private void applyDefaultConfiguration(HttpSecurity http) throws Exception {
    http.csrf();
    http.addFilter(new WebAsyncManagerIntegrationFilter());
    http.exceptionHandling();
    http.headers();
    http.sessionManagement();
    http.securityContext();
    http.requestCache();
    http.anonymous();
    http.servletApi();
    http.apply(new DefaultLoginPageConfigurer<>());
    http.logout();
}
Also used : WebAsyncManagerIntegrationFilter(org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter)

Example 2 with WebAsyncManagerIntegrationFilter

use of org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter in project midpoint by Evolveum.

the class MidpointWebSecurityConfigurerAdapter method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.setSharedObject(AuthenticationTrustResolverImpl.class, new MidpointAuthenticationTrustResolverImpl());
    http.addFilter(new WebAsyncManagerIntegrationFilter()).sessionManagement().and().securityContext();
    http.apply(new AuthFilterConfigurer());
    createSessionContextRepository(http);
    http.sessionManagement().maximumSessions(-1).sessionRegistry(sessionRegistry).maxSessionsPreventsLogin(true);
}
Also used : MidpointAuthenticationTrustResolverImpl(com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl) WebAsyncManagerIntegrationFilter(org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter) AuthFilterConfigurer(com.evolveum.midpoint.authentication.impl.filter.configurers.AuthFilterConfigurer)

Example 3 with WebAsyncManagerIntegrationFilter

use of org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter in project spring-security by spring-projects.

the class HttpSecurityConfiguration method httpSecurity.

@Bean(HTTPSECURITY_BEAN_NAME)
@Scope("prototype")
HttpSecurity httpSecurity() throws Exception {
    WebSecurityConfigurerAdapter.LazyPasswordEncoder passwordEncoder = new WebSecurityConfigurerAdapter.LazyPasswordEncoder(this.context);
    AuthenticationManagerBuilder authenticationBuilder = new WebSecurityConfigurerAdapter.DefaultPasswordEncoderAuthenticationManagerBuilder(this.objectPostProcessor, passwordEncoder);
    authenticationBuilder.parentAuthenticationManager(authenticationManager());
    HttpSecurity http = new HttpSecurity(this.objectPostProcessor, authenticationBuilder, createSharedObjects());
    // @formatter:off
    http.csrf(withDefaults()).addFilter(new WebAsyncManagerIntegrationFilter()).exceptionHandling(withDefaults()).headers(withDefaults()).sessionManagement(withDefaults()).securityContext(withDefaults()).requestCache(withDefaults()).anonymous(withDefaults()).servletApi(withDefaults()).apply(new DefaultLoginPageConfigurer<>());
    http.logout(withDefaults());
    // @formatter:on
    applyDefaultConfigurers(http);
    return http;
}
Also used : HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) WebAsyncManagerIntegrationFilter(org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter) Scope(org.springframework.context.annotation.Scope) Bean(org.springframework.context.annotation.Bean)

Aggregations

WebAsyncManagerIntegrationFilter (org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter)3 MidpointAuthenticationTrustResolverImpl (com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl)1 AuthFilterConfigurer (com.evolveum.midpoint.authentication.impl.filter.configurers.AuthFilterConfigurer)1 Bean (org.springframework.context.annotation.Bean)1 Scope (org.springframework.context.annotation.Scope)1 AuthenticationManagerBuilder (org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)1 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)1