Search in sources :

Example 1 with ServerAccessDeniedHandler

use of org.springframework.security.web.server.authorization.ServerAccessDeniedHandler in project spring-security by spring-projects.

the class ServerHttpSecurity method build.

/**
 * Builds the {@link SecurityWebFilterChain}
 * @return the {@link SecurityWebFilterChain}
 */
public SecurityWebFilterChain build() {
    if (this.built != null) {
        throw new IllegalStateException("This has already been built with the following stacktrace. " + buildToString());
    }
    this.built = new RuntimeException("First Build Invocation").fillInStackTrace();
    if (this.headers != null) {
        this.headers.configure(this);
    }
    WebFilter securityContextRepositoryWebFilter = securityContextRepositoryWebFilter();
    this.webFilters.add(securityContextRepositoryWebFilter);
    if (this.httpsRedirectSpec != null) {
        this.httpsRedirectSpec.configure(this);
    }
    if (this.x509 != null) {
        this.x509.configure(this);
    }
    if (this.csrf != null) {
        this.csrf.configure(this);
    }
    if (this.cors != null) {
        this.cors.configure(this);
    }
    if (this.httpBasic != null) {
        if (this.httpBasic.authenticationManager == null) {
            this.httpBasic.authenticationManager(this.authenticationManager);
        }
        if (this.httpBasic.securityContextRepository != null) {
            this.httpBasic.securityContextRepository(this.httpBasic.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.httpBasic.securityContextRepository(this.securityContextRepository);
        } else {
            this.httpBasic.securityContextRepository(NoOpServerSecurityContextRepository.getInstance());
        }
        this.httpBasic.configure(this);
    }
    if (this.passwordManagement != null) {
        this.passwordManagement.configure(this);
    }
    if (this.formLogin != null) {
        if (this.formLogin.authenticationManager == null) {
            this.formLogin.authenticationManager(this.authenticationManager);
        }
        if (this.formLogin.securityContextRepository != null) {
            this.formLogin.securityContextRepository(this.formLogin.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.formLogin.securityContextRepository(this.securityContextRepository);
        } else {
            this.formLogin.securityContextRepository(new WebSessionServerSecurityContextRepository());
        }
        this.formLogin.configure(this);
    }
    if (this.oauth2Login != null) {
        if (this.oauth2Login.securityContextRepository != null) {
            this.oauth2Login.securityContextRepository(this.oauth2Login.securityContextRepository);
        } else if (this.securityContextRepository != null) {
            this.oauth2Login.securityContextRepository(this.securityContextRepository);
        } else {
            this.oauth2Login.securityContextRepository(new WebSessionServerSecurityContextRepository());
        }
        this.oauth2Login.configure(this);
    }
    if (this.resourceServer != null) {
        this.resourceServer.configure(this);
    }
    if (this.client != null) {
        this.client.configure(this);
    }
    if (this.anonymous != null) {
        this.anonymous.configure(this);
    }
    this.loginPage.configure(this);
    if (this.logout != null) {
        this.logout.configure(this);
    }
    this.requestCache.configure(this);
    this.addFilterAt(new SecurityContextServerWebExchangeWebFilter(), SecurityWebFiltersOrder.SECURITY_CONTEXT_SERVER_WEB_EXCHANGE);
    if (this.authorizeExchange != null) {
        ServerAuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint();
        ExceptionTranslationWebFilter exceptionTranslationWebFilter = new ExceptionTranslationWebFilter();
        if (authenticationEntryPoint != null) {
            exceptionTranslationWebFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
        }
        ServerAccessDeniedHandler accessDeniedHandler = getAccessDeniedHandler();
        if (accessDeniedHandler != null) {
            exceptionTranslationWebFilter.setAccessDeniedHandler(accessDeniedHandler);
        }
        this.addFilterAt(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION);
        this.authorizeExchange.configure(this);
    }
    AnnotationAwareOrderComparator.sort(this.webFilters);
    List<WebFilter> sortedWebFilters = new ArrayList<>();
    this.webFilters.forEach((f) -> {
        if (f instanceof OrderedWebFilter) {
            f = ((OrderedWebFilter) f).webFilter;
        }
        sortedWebFilters.add(f);
    });
    sortedWebFilters.add(0, new ServerWebExchangeReactorContextWebFilter());
    return new MatcherSecurityWebFilterChain(getSecurityMatcher(), sortedWebFilters);
}
Also used : SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ServerWebExchangeDelegatingServerAccessDeniedHandler(org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler) BearerTokenServerAccessDeniedHandler(org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler) ServerAccessDeniedHandler(org.springframework.security.web.server.authorization.ServerAccessDeniedHandler) HttpsRedirectWebFilter(org.springframework.security.web.server.transport.HttpsRedirectWebFilter) ExchangeMatcherRedirectWebFilter(org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter) LogoutWebFilter(org.springframework.security.web.server.authentication.logout.LogoutWebFilter) WebFilter(org.springframework.web.server.WebFilter) ServerRequestCacheWebFilter(org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter) CorsWebFilter(org.springframework.web.cors.reactive.CorsWebFilter) ReactorContextWebFilter(org.springframework.security.web.server.context.ReactorContextWebFilter) LogoutPageGeneratingWebFilter(org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter) OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter) OAuth2AuthorizationRequestRedirectWebFilter(org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter) AnonymousAuthenticationWebFilter(org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter) AuthorizationWebFilter(org.springframework.security.web.server.authorization.AuthorizationWebFilter) HttpHeaderWriterWebFilter(org.springframework.security.web.server.header.HttpHeaderWriterWebFilter) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) OAuth2LoginAuthenticationWebFilter(org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter) LoginPageGeneratingWebFilter(org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter) CsrfWebFilter(org.springframework.security.web.server.csrf.CsrfWebFilter) AuthenticationWebFilter(org.springframework.security.web.server.authentication.AuthenticationWebFilter) ExceptionTranslationWebFilter(org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter) WebSessionServerSecurityContextRepository(org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository) ArrayList(java.util.ArrayList) MatcherSecurityWebFilterChain(org.springframework.security.web.server.MatcherSecurityWebFilterChain) ExceptionTranslationWebFilter(org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter) HttpBasicServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint) ServerAuthenticationEntryPoint(org.springframework.security.web.server.ServerAuthenticationEntryPoint) DelegatingServerAuthenticationEntryPoint(org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint) RedirectServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint) BearerTokenServerAuthenticationEntryPoint(org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint)

Aggregations

ArrayList (java.util.ArrayList)1 OAuth2AuthorizationCodeGrantWebFilter (org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter)1 OAuth2AuthorizationRequestRedirectWebFilter (org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter)1 OAuth2LoginAuthenticationWebFilter (org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter)1 BearerTokenServerAccessDeniedHandler (org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler)1 BearerTokenServerAuthenticationEntryPoint (org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint)1 DelegatingServerAuthenticationEntryPoint (org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint)1 ExchangeMatcherRedirectWebFilter (org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter)1 MatcherSecurityWebFilterChain (org.springframework.security.web.server.MatcherSecurityWebFilterChain)1 ServerAuthenticationEntryPoint (org.springframework.security.web.server.ServerAuthenticationEntryPoint)1 AnonymousAuthenticationWebFilter (org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter)1 AuthenticationWebFilter (org.springframework.security.web.server.authentication.AuthenticationWebFilter)1 HttpBasicServerAuthenticationEntryPoint (org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint)1 RedirectServerAuthenticationEntryPoint (org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint)1 LogoutWebFilter (org.springframework.security.web.server.authentication.logout.LogoutWebFilter)1 AuthorizationWebFilter (org.springframework.security.web.server.authorization.AuthorizationWebFilter)1 ExceptionTranslationWebFilter (org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter)1 ServerAccessDeniedHandler (org.springframework.security.web.server.authorization.ServerAccessDeniedHandler)1 ServerWebExchangeDelegatingServerAccessDeniedHandler (org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler)1 ReactorContextWebFilter (org.springframework.security.web.server.context.ReactorContextWebFilter)1