Example 11 with HeaderContentNegotiationStrategy
use of org.springframework.web.accept.HeaderContentNegotiationStrategy in project spring-boot by spring-projects.
the class SsoSecurityConfigurer method addAuthenticationEntryPoint.
private void addAuthenticationEntryPoint(HttpSecurity http, OAuth2SsoProperties sso) throws Exception {
ExceptionHandlingConfigurer<HttpSecurity> exceptions = http.exceptionHandling();
ContentNegotiationStrategy contentNegotiationStrategy = http.getSharedObject(ContentNegotiationStrategy.class);
if (contentNegotiationStrategy == null) {
contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
}
MediaTypeRequestMatcher preferredMatcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_XHTML_XML, new MediaType("image", "*"), MediaType.TEXT_HTML, MediaType.TEXT_PLAIN);
preferredMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
exceptions.defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()), preferredMatcher);
// When multiple entry points are provided the default is the first one
exceptions.defaultAuthenticationEntryPointFor(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
}
Also used :
HttpStatusEntryPoint(org.springframework.security.web.authentication.HttpStatusEntryPoint)
HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity)
MediaType(org.springframework.http.MediaType)
HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy)
MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)
ContentNegotiationStrategy(org.springframework.web.accept.ContentNegotiationStrategy)
HeaderContentNegotiationStrategy(org.springframework.web.accept.HeaderContentNegotiationStrategy)
RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)
LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)
Aggregations
HeaderContentNegotiationStrategy (org.springframework.web.accept.HeaderContentNegotiationStrategy)11
MediaTypeRequestMatcher (org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)7
ContentNegotiationStrategy (org.springframework.web.accept.ContentNegotiationStrategy)7
MediaType (org.springframework.http.MediaType)4
RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)4
Test (org.junit.Test)3
HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)3
AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)3
NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)3
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)3
ContentNegotiationManager (org.springframework.web.accept.ContentNegotiationManager)3
View (org.springframework.web.servlet.View)3
ArrayList (java.util.ArrayList)2
Locale (java.util.Locale)2
ViewResolver (org.springframework.web.servlet.ViewResolver)2
Before (org.junit.Before)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
Jaxb2Marshaller (org.springframework.oxm.jaxb.Jaxb2Marshaller)1
HttpStatusEntryPoint (org.springframework.security.web.authentication.HttpStatusEntryPoint)1
LoginUrlAuthenticationEntryPoint (org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)1
