Java Code Examples for org.springframework.security.config.annotation.web.builders.httpsecurity#authenticationProvider()

The following examples show how to use org.springframework.security.config.annotation.web.builders.httpsecurity#authenticationProvider() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: WebSecurityConfig.java    From cloud-portal with MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    // set directory authentication provider
    http.authenticationProvider(directoryAuthenticationProvider);

    // any request should be authenticated
    http.authorizeRequests().anyRequest().authenticated();

    // use form based login
    http.formLogin().loginPage(PATTERN_LOGIN).permitAll().and().logout().permitAll();

    // disable cross site request forgery
    http.csrf().disable();

    // disable strict transport security for frames
    http.headers().frameOptions().sameOrigin().httpStrictTransportSecurity().disable();
}
 
Example 2
Source File: SAMLConfigurerBean.java    From spring-boot-security-saml with MIT License 6 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
public void init(HttpSecurity http) throws Exception {
    serviceProviderBuilder.build();
    SAMLAuthenticationProvider authenticationProvider = serviceProviderBuilder.getSharedObject(SAMLAuthenticationProvider.class);
    SAMLEntryPoint sAMLEntryPoint = serviceProviderBuilder.getSharedObject(SAMLEntryPoint.class);
    CheckedConsumer<HttpSecurity, Exception> httpConsumer = serviceProviderBuilder.getSharedObject(CheckedConsumer.class);

    // @formatter:off
    http
        .exceptionHandling()
        .authenticationEntryPoint(sAMLEntryPoint);
    http
        .logout()
        .disable();
    http.
        authenticationProvider(authenticationProvider);

    if(httpConsumer != null) {
        httpConsumer.accept(http);
    }
    // @formatter:on
}
 
Example 3
Source File: OpenIdAuthenticationSecurityConfig.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) {
    //openId provider
    OpenIdAuthenticationProvider provider = new OpenIdAuthenticationProvider();
    provider.setUserDetailsService(userDetailsService);
    http.authenticationProvider(provider);
}
 
Example 4
Source File: MobileAuthenticationSecurityConfig.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) {
    //mobile provider
    MobileAuthenticationProvider provider = new MobileAuthenticationProvider();
    provider.setUserDetailsService(userDetailsService);
    provider.setPasswordEncoder(passwordEncoder);
    http.authenticationProvider(provider);
}
 
Example 5
Source File: TenantAuthenticationSecurityConfig.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) {
    TenantAuthenticationProvider provider = new TenantAuthenticationProvider();
    provider.setUserDetailsService(userDetailsService);
    provider.setPasswordEncoder(passwordEncoder);
    http.authenticationProvider(provider);
}
 
Example 6
Source File: WechatAuthenticationConfigurer.java    From fast-family-master with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(HttpSecurity builder) throws Exception {
    WechatAuthenticationFilter wechatAuthenticationFilter = new WechatAuthenticationFilter();
    wechatAuthenticationFilter.setWxMpService(wxMpService);
    wechatAuthenticationFilter.setAuthenticationFailureHandler(authenticationFailureHandler);
    wechatAuthenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler);
    WechatAuthenticationProvider wechatAuthenticationProvider = new WechatAuthenticationProvider();
    wechatAuthenticationProvider.setUserDetailsService(userDetailsService);
    builder.authenticationProvider(wechatAuthenticationProvider);
    builder.addFilterBefore(wechatAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
}
 
Example 7
Source File: WebSecurityConfigurer.java    From spring-oauth-server with GNU General Public License v2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().ignoringAntMatchers("/oauth/authorize", "/oauth/token", "/oauth/rest_token");

    http.authorizeRequests()
            .antMatchers("/public/**").permitAll()
            .antMatchers("/static/**").permitAll()
            .antMatchers("/oauth/rest_token*").permitAll()
            .antMatchers("/login*").permitAll()

            .antMatchers("/user/**").hasAnyRole("ADMIN")

            .antMatchers(HttpMethod.GET, "/login*").anonymous()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .loginProcessingUrl("/signin")
            .failureUrl("/login?error=1")
            .usernameParameter("oidc_user")
            .passwordParameter("oidcPwd")
            .and()
            .logout()
            .logoutUrl("/signout")
            .deleteCookies("JSESSIONID")
            .logoutSuccessUrl("/")
            .and()
            .exceptionHandling();

    http.authenticationProvider(authenticationProvider());
}
 
Example 8
Source File: OpenIdChannelSecurityConfigurer.java    From cola with MIT License 4 votes vote down vote up
@Override
public void config(HttpSecurity httpSecurity) throws Exception {
	httpSecurity.authenticationProvider(openIdAuthenticationProvider);
	httpSecurity.authorizeRequests().antMatchers(openIdProperties.getLoginProcessUrl()).permitAll();
}
 
Example 9
Source File: SmsChannelSecurityConfigurer.java    From cola with MIT License 4 votes vote down vote up
@Override
public void config(HttpSecurity httpSecurity) throws Exception {
	httpSecurity.authenticationProvider(smsAuthenticationProvider);
	httpSecurity.authorizeRequests().antMatchers(smsCredentialProperties.getLoginProcessUrl(),
			smsCredentialProperties.getSendSmsUrl()).permitAll();
}
 
Example 10
Source File: AcChannelSecurityConfigurer.java    From cola with MIT License 4 votes vote down vote up
@Override
public void config(HttpSecurity httpSecurity) throws Exception {
	httpSecurity.authenticationProvider(acAuthenticationProvider);
	httpSecurity.authorizeRequests().antMatchers(acProperties.getLoginProcessUrl()).permitAll();
}