
Example 1 with ServerAuthenticationEntryPoint

use of org.springframework.security.web.server.ServerAuthenticationEntryPoint in project spring-security by spring-projects.

The build method of the class ServerHttpSecurity.

/**
 * Builds the {@link SecurityWebFilterChain}.
 *
 * <p>Every spec that is non-null is handed this builder through {@code configure(this)},
 * the filters collected in {@code this.webFilters} are sorted, and the result is wrapped
 * in a {@code MatcherSecurityWebFilterChain}. The method may only be called once per
 * instance.
 *
 * <p>Defaults applied here that are worth checking when reviewing a configuration:
 * <ul>
 * <li>HTTP Basic falls back to {@code NoOpServerSecurityContextRepository} when no
 * repository is set, whereas form login and OAuth2 login fall back to a new
 * {@code WebSessionServerSecurityContextRepository}.</li>
 * <li>The {@code ExceptionTranslationWebFilter} is registered only when
 * {@code authorizeExchange} has been configured.</li>
 * </ul>
 * @return the {@link SecurityWebFilterChain}
 * @throws IllegalStateException if this instance has already been built
 */
public SecurityWebFilterChain build() {
    // Reject a second build; `built` holds the exception captured on the first call.
    if (this.built != null) {
        throw new IllegalStateException("This has already been built with the following stacktrace. " + buildToString());
    }
    // Never thrown: created only to record where the first build happened, so the
    // duplicate-build error above can report it (presumably via buildToString()).
    this.built = new RuntimeException("First Build Invocation").fillInStackTrace();
    if (this.headers != null) {
        this.headers.configure(this);
    }
    WebFilter securityContextRepositoryWebFilter = securityContextRepositoryWebFilter();
    this.webFilters.add(securityContextRepositoryWebFilter);
    if (this.httpsRedirectSpec != null) {
        this.httpsRedirectSpec.configure(this);
    }
    if (this.x509 != null) {
        this.x509.configure(this);
    }
    if (this.csrf != null) {
        this.csrf.configure(this);
    }
    if (this.cors != null) {
        this.cors.configure(this);
    }
    if (this.httpBasic != null) {
        // Use the builder-level authentication manager when HTTP Basic has none of its own.
        // NOTE(review): this.authenticationManager may itself be null at this point;
        // confirm how the spec handles that.
        if (this.httpBasic.authenticationManager == null) {
            this.httpBasic.authenticationManager(this.authenticationManager);
        }
        // Repository precedence: spec-level, then builder-level, then the default.
        if (this.httpBasic.securityContextRepository != null) {
            this.httpBasic.securityContextRepository(this.httpBasic.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.httpBasic.securityContextRepository(this.securityContextRepository);
        } else {
            // The default for HTTP Basic differs from form login / OAuth2 login below.
            // NOTE(review): presumably this keeps Basic stateless (no security context
            // saved between requests); confirm against the repository implementation.
            this.httpBasic.securityContextRepository(NoOpServerSecurityContextRepository.getInstance());
        }
        this.httpBasic.configure(this);
    }
    if (this.passwordManagement != null) {
        this.passwordManagement.configure(this);
    }
    if (this.formLogin != null) {
        // Same authentication manager fallback as for HTTP Basic.
        if (this.formLogin.authenticationManager == null) {
            this.formLogin.authenticationManager(this.authenticationManager);
        }
        if (this.formLogin.securityContextRepository != null) {
            this.formLogin.securityContextRepository(this.formLogin.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.formLogin.securityContextRepository(this.securityContextRepository);
        } else {
            // NOTE(review): judging by its name this default stores the security context
            // in the WebSession, which makes session handling part of the review; confirm.
            this.formLogin.securityContextRepository(new WebSessionServerSecurityContextRepository());
        }
        this.formLogin.configure(this);
    }
    if (this.oauth2Login != null) {
        // Unlike httpBasic and formLogin, no authentication manager fallback is applied
        // to oauth2Login in this method; only the repository is resolved.
        if (this.oauth2Login.securityContextRepository != null) {
            this.oauth2Login.securityContextRepository(this.oauth2Login.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.oauth2Login.securityContextRepository(this.securityContextRepository);
        } else {
            this.oauth2Login.securityContextRepository(new WebSessionServerSecurityContextRepository());
        }
        this.oauth2Login.configure(this);
    }
    if (this.resourceServer != null) {
        this.resourceServer.configure(this);
    }
    if (this.client != null) {
        this.client.configure(this);
    }
    if (this.anonymous != null) {
        this.anonymous.configure(this);
    }
    // loginPage is configured unconditionally (no null check), as is requestCache below.
    this.loginPage.configure(this);
    if (this.logout != null) {
        this.logout.configure(this);
    }
    this.requestCache.configure(this);
    this.addFilterAt(new SecurityContextServerWebExchangeWebFilter(), SecurityWebFiltersOrder.SECURITY_CONTEXT_SERVER_WEB_EXCHANGE);
    // Exception translation is wired only when authorization rules exist. When either
    // getter returns null the filter keeps whatever default it was constructed with
    // (not visible in this method).
    if (this.authorizeExchange != null) {
        ServerAuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint();
        ExceptionTranslationWebFilter exceptionTranslationWebFilter = new ExceptionTranslationWebFilter();
        if (authenticationEntryPoint != null) {
            exceptionTranslationWebFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
        }
        ServerAccessDeniedHandler accessDeniedHandler = getAccessDeniedHandler();
        if (accessDeniedHandler != null) {
            exceptionTranslationWebFilter.setAccessDeniedHandler(accessDeniedHandler);
        }
        this.addFilterAt(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION);
        this.authorizeExchange.configure(this);
    }
    // The position of each filter in the chain is decided by this sort, not by the
    // order of the configure(...) calls above.
    AnnotationAwareOrderComparator.sort(this.webFilters);
    List<WebFilter> sortedWebFilters = new ArrayList<>();
    this.webFilters.forEach((f) -> {
        // Unwrap the ordering wrapper so the chain holds the underlying filter.
        if (f instanceof OrderedWebFilter) {
            f = ((OrderedWebFilter) f).webFilter;
        }
        sortedWebFilters.add(f);
    });
    // Inserted after sorting, so it is always first in the list regardless of order values.
    sortedWebFilters.add(0, new ServerWebExchangeReactorContextWebFilter());
    return new MatcherSecurityWebFilterChain(getSecurityMatcher(), sortedWebFilters);
}
Also used : SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ServerWebExchangeDelegatingServerAccessDeniedHandler(org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler) BearerTokenServerAccessDeniedHandler(org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler) ServerAccessDeniedHandler(org.springframework.security.web.server.authorization.ServerAccessDeniedHandler) HttpsRedirectWebFilter(org.springframework.security.web.server.transport.HttpsRedirectWebFilter) ExchangeMatcherRedirectWebFilter(org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter) LogoutWebFilter(org.springframework.security.web.server.authentication.logout.LogoutWebFilter) WebFilter(org.springframework.web.server.WebFilter) ServerRequestCacheWebFilter(org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter) CorsWebFilter(org.springframework.web.cors.reactive.CorsWebFilter) ReactorContextWebFilter(org.springframework.security.web.server.context.ReactorContextWebFilter) LogoutPageGeneratingWebFilter(org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter) OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter) OAuth2AuthorizationRequestRedirectWebFilter(org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter) AnonymousAuthenticationWebFilter(org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter) AuthorizationWebFilter(org.springframework.security.web.server.authorization.AuthorizationWebFilter) HttpHeaderWriterWebFilter(org.springframework.security.web.server.header.HttpHeaderWriterWebFilter) 
SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) OAuth2LoginAuthenticationWebFilter(org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter) LoginPageGeneratingWebFilter(org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter) CsrfWebFilter(org.springframework.security.web.server.csrf.CsrfWebFilter) AuthenticationWebFilter(org.springframework.security.web.server.authentication.AuthenticationWebFilter) ExceptionTranslationWebFilter(org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter) WebSessionServerSecurityContextRepository(org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository) ArrayList(java.util.ArrayList) MatcherSecurityWebFilterChain(org.springframework.security.web.server.MatcherSecurityWebFilterChain) ExceptionTranslationWebFilter(org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter) HttpBasicServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint) ServerAuthenticationEntryPoint(org.springframework.security.web.server.ServerAuthenticationEntryPoint) DelegatingServerAuthenticationEntryPoint(org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint) RedirectServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint) BearerTokenServerAuthenticationEntryPoint(org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint)

Example 2 with ServerAuthenticationEntryPoint

use of org.springframework.security.web.server.ServerAuthenticationEntryPoint in project spring-security by spring-projects.

The basicWhenXHRRequestThenUnauthorized method of the class ServerHttpSecurityTests.

/**
 * Checks that an entry point set on HTTP Basic is the one invoked for an
 * unauthenticated XHR request. The response must be a 401 with an empty body, a
 * {@code Cache-Control} header and no {@code WWW-Authenticate} header.
 */
@Test
public void basicWhenXHRRequestThenUnauthorized() {
    // Spy on a status-only entry point so the call to commence(...) can be verified.
    ServerAuthenticationEntryPoint entryPointSpy = spy(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED));
    this.http.httpBasic().authenticationEntryPoint(entryPointSpy);
    this.http.authorizeExchange().anyExchange().authenticated();
    WebTestClient webClient = buildClient();
    // @formatter:off
    webClient.get()
            .uri("/")
            .header("X-Requested-With", "XMLHttpRequest")
            .exchange()
            .expectStatus().isUnauthorized()
            // Without a WWW-Authenticate challenge the browser has no reason to show
            // its native credential prompt for a script-initiated request.
            .expectHeader().doesNotExist("WWW-Authenticate")
            // The 401 must still carry a Cache-Control header.
            .expectHeader().valueMatches(HttpHeaders.CACHE_CONTROL, ".+")
            .expectBody().isEmpty();
    // @formatter:on
    verify(entryPointSpy).commence(any(), any());
}
Also used : WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) HttpBasicServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint) ServerAuthenticationEntryPoint(org.springframework.security.web.server.ServerAuthenticationEntryPoint) HttpStatusServerEntryPoint(org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint) Test(org.junit.jupiter.api.Test)

Aggregations

ServerAuthenticationEntryPoint (org.springframework.security.web.server.ServerAuthenticationEntryPoint)2 HttpBasicServerAuthenticationEntryPoint (org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint)2 ArrayList (java.util.ArrayList)1 Test (org.junit.jupiter.api.Test)1 OAuth2AuthorizationCodeGrantWebFilter (org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter)1 OAuth2AuthorizationRequestRedirectWebFilter (org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter)1 OAuth2LoginAuthenticationWebFilter (org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter)1 BearerTokenServerAccessDeniedHandler (org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler)1 BearerTokenServerAuthenticationEntryPoint (org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint)1 DelegatingServerAuthenticationEntryPoint (org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint)1 ExchangeMatcherRedirectWebFilter (org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter)1 MatcherSecurityWebFilterChain (org.springframework.security.web.server.MatcherSecurityWebFilterChain)1 AnonymousAuthenticationWebFilter (org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter)1 AuthenticationWebFilter (org.springframework.security.web.server.authentication.AuthenticationWebFilter)1 HttpStatusServerEntryPoint (org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint)1 RedirectServerAuthenticationEntryPoint (org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint)1 LogoutWebFilter (org.springframework.security.web.server.authentication.logout.LogoutWebFilter)1 AuthorizationWebFilter 
(org.springframework.security.web.server.authorization.AuthorizationWebFilter)1 ExceptionTranslationWebFilter (org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter)1 ServerAccessDeniedHandler (org.springframework.security.web.server.authorization.ServerAccessDeniedHandler)1