Examples with RequestHeaderRequestMatcher org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher used on opensource projects

Search in sources :

Example 11 with RequestHeaderRequestMatcher

use of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher in project spring-security by spring-projects.

the class RequestHeaderRequestMatcherTests method matchesHeaderNameValueHeaderValueMultiNotMatch.

@Test
public void matchesHeaderNameValueHeaderValueMultiNotMatch() {
    request.addHeader(headerName, headerValue + "notMatch");
    request.addHeader(headerName, headerValue);
    assertThat(new RequestHeaderRequestMatcher(headerName, headerValue).matches(request)).isFalse();
}
Also used : RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) Test(org.junit.Test)

Example 12 with RequestHeaderRequestMatcher

use of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher in project spring-security by spring-projects.

the class RequestHeaderRequestMatcherTests method matchesHeaderNameMatches.

@Test
public void matchesHeaderNameMatches() {
    request.addHeader(headerName, headerValue);
    assertThat(new RequestHeaderRequestMatcher(headerName).matches(request)).isTrue();
}
Also used : RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) Test(org.junit.Test)

Example 13 with RequestHeaderRequestMatcher

use of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher in project spring-security by spring-projects.

the class AbstractAuthenticationFilterConfigurer method registerDefaultAuthenticationEntryPoint.

@SuppressWarnings("unchecked")
private void registerDefaultAuthenticationEntryPoint(B http) {
    ExceptionHandlingConfigurer<B> exceptionHandling = http.getConfigurer(ExceptionHandlingConfigurer.class);
    if (exceptionHandling == null) {
        return;
    }
    ContentNegotiationStrategy contentNegotiationStrategy = http.getSharedObject(ContentNegotiationStrategy.class);
    if (contentNegotiationStrategy == null) {
        contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
    }
    MediaTypeRequestMatcher mediaMatcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_XHTML_XML, new MediaType("image", "*"), MediaType.TEXT_HTML, MediaType.TEXT_PLAIN);
    mediaMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    RequestMatcher notXRequestedWith = new NegatedRequestMatcher(new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
    RequestMatcher preferredMatcher = new AndRequestMatcher(Arrays.asList(notXRequestedWith, mediaMatcher));
    exceptionHandling.defaultAuthenticationEntryPointFor(postProcess(authenticationEntryPoint), preferredMatcher);
}
Also used : NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher) MediaType(org.springframework.http.MediaType) HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy) MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher) HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy) ContentNegotiationStrategy(org.springframework.web.accept.ContentNegotiationStrategy) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher)

Example 14 with RequestHeaderRequestMatcher

use of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher in project spring-boot by spring-projects.

the class SsoSecurityConfigurer method addAuthenticationEntryPoint.

private void addAuthenticationEntryPoint(HttpSecurity http, OAuth2SsoProperties sso) throws Exception {
    ExceptionHandlingConfigurer<HttpSecurity> exceptions = http.exceptionHandling();
    ContentNegotiationStrategy contentNegotiationStrategy = http.getSharedObject(ContentNegotiationStrategy.class);
    if (contentNegotiationStrategy == null) {
        contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
    }
    MediaTypeRequestMatcher preferredMatcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_XHTML_XML, new MediaType("image", "*"), MediaType.TEXT_HTML, MediaType.TEXT_PLAIN);
    preferredMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    exceptions.defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()), preferredMatcher);
    // When multiple entry points are provided the default is the first one
    exceptions.defaultAuthenticationEntryPointFor(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
}
Also used : HttpStatusEntryPoint(org.springframework.security.web.authentication.HttpStatusEntryPoint) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) MediaType(org.springframework.http.MediaType) HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy) MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher) ContentNegotiationStrategy(org.springframework.web.accept.ContentNegotiationStrategy) HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)

Example 15 with RequestHeaderRequestMatcher

use of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher in project spring-security by spring-projects.

the class OAuth2LoginConfigurer method getLoginEntryPoint.

private AuthenticationEntryPoint getLoginEntryPoint(B http, String providerLoginPage) {
    RequestMatcher loginPageMatcher = new AntPathRequestMatcher(this.getLoginPage());
    RequestMatcher faviconMatcher = new AntPathRequestMatcher("/favicon.ico");
    RequestMatcher defaultEntryPointMatcher = this.getAuthenticationEntryPointMatcher(http);
    RequestMatcher defaultLoginPageMatcher = new AndRequestMatcher(new OrRequestMatcher(loginPageMatcher, faviconMatcher), defaultEntryPointMatcher);
    RequestMatcher notXRequestedWith = new NegatedRequestMatcher(new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
    LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
    entryPoints.put(new AndRequestMatcher(notXRequestedWith, new NegatedRequestMatcher(defaultLoginPageMatcher)), new LoginUrlAuthenticationEntryPoint(providerLoginPage));
    DelegatingAuthenticationEntryPoint loginEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
    loginEntryPoint.setDefaultEntryPoint(this.getAuthenticationEntryPoint());
    return loginEntryPoint;
}
Also used : NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) OrRequestMatcher(org.springframework.security.web.util.matcher.OrRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) OrRequestMatcher(org.springframework.security.web.util.matcher.OrRequestMatcher) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)17 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)9 NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)8 AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)7 MediaTypeRequestMatcher (org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)7 Test (org.junit.Test)6 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)6 MediaType (org.springframework.http.MediaType)4 AuthenticationEntryPoint (org.springframework.security.web.AuthenticationEntryPoint)4 DelegatingAuthenticationEntryPoint (org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint)4 ContentNegotiationStrategy (org.springframework.web.accept.ContentNegotiationStrategy)4 HeaderContentNegotiationStrategy (org.springframework.web.accept.HeaderContentNegotiationStrategy)4 LinkedHashMap (java.util.LinkedHashMap)3 AtlasAuthenticationEntryPoint (org.apache.atlas.web.filters.AtlasAuthenticationEntryPoint)2 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)2 LoginUrlAuthenticationEntryPoint (org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)2 BasicAuthenticationEntryPoint (org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint)2 OrRequestMatcher (org.springframework.security.web.util.matcher.OrRequestMatcher)2 Initializer (alfio.config.Initializer)1 AuthenticationConstants (alfio.config.authentication.AuthenticationConstants)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial