org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint Java Examples
The following examples show how to use
org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SecurityConfiguration.java From cloud-security-xsuaa-integration with Apache License 2.0 | 6 votes |
@Override protected void configure(HttpSecurity http) throws Exception { //enforce browser login popup with basic authentication BasicAuthenticationEntryPoint authEntryPoint = new BasicAuthenticationEntryPoint(); authEntryPoint.setRealmName("spring-security-basic-auth"); // @formatter:off http.authorizeRequests() .antMatchers("/hello-token").hasAuthority("Display") .anyRequest().authenticated() .and() .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and().exceptionHandling().authenticationEntryPoint(authEntryPoint).and() .oauth2ResourceServer() .bearerTokenResolver(getTokenBrokerResolver()) .jwt() .jwtAuthenticationConverter(jwtAuthenticationConverter()); // @formatter:on }
Example #2
Source File: BasicSpringSecurityConfig.java From freeacs with MIT License | 4 votes |
private BasicAuthenticationEntryPoint basicEntryPoint() { BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName("FreeACS"); return basicAuthenticationEntryPoint; }
Example #3
Source File: BasicAuthConfig.java From ods-provisioning-app with Apache License 2.0 | 4 votes |
@Bean public BasicAuthenticationEntryPoint basicAuthEntryPoint() { BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint(); entryPoint.setRealmName(idManagerRealm); return entryPoint; }
Example #4
Source File: BasicAuthSecurityTestConfig.java From ods-provisioning-app with Apache License 2.0 | 4 votes |
@Bean public BasicAuthenticationEntryPoint basicAuthenticationEntryPoint() { BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint(); entryPoint.setRealmName(TEST_REALM); return entryPoint; }
Example #5
Source File: TraderUISecurityConfiguration.java From java-trader with Apache License 2.0 | 4 votes |
public BasicAuthenticationEntryPoint getBasicAuthenticationEntryPoint() { TraderUIAuthenticationEntryPoint entryPoint = new TraderUIAuthenticationEntryPoint(); entryPoint.setRealmName(REALM); return entryPoint; }
Example #6
Source File: TraderUISecurityConfiguration.java From java-trader with Apache License 2.0 | 4 votes |
@SuppressWarnings("deprecation") @Bean public NoOpPasswordEncoder passwordEncoder() { BasicAuthenticationEntryPoint a; return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance(); }
Example #7
Source File: BasicAuthenticationSpringConfiguration.java From promregator with Apache License 2.0 | 4 votes |
@Bean public BasicAuthenticationFilter basicAuthFilter(AuthenticationManager authenticationManager, BasicAuthenticationEntryPoint basicAuthEntryPoint) { return new BasicAuthenticationFilter(authenticationManager, basicAuthEntryPoint()); }
Example #8
Source File: BasicAuthenticationSpringConfiguration.java From promregator with Apache License 2.0 | 4 votes |
@Bean public BasicAuthenticationEntryPoint basicAuthEntryPoint() { BasicAuthenticationEntryPoint bauth = new BasicAuthenticationEntryPoint(); bauth.setRealmName("Promregator"); return bauth; }
Example #9
Source File: SkipperOAuthSecurityConfiguration.java From spring-cloud-skipper with Apache License 2.0 | 4 votes |
@Override protected void configure(HttpSecurity http) throws Exception { final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName(SecurityConfigUtils.BASIC_AUTH_REALM_NAME); basicAuthenticationEntryPoint.afterPropertiesSet(); if (opaqueTokenIntrospector != null) { BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter( providerManager(), basicAuthenticationEntryPoint); http.addFilter(basicAuthenticationFilter); } this.authorizationProperties.getAuthenticatedPaths().add(dashboard("/**")); this.authorizationProperties.getAuthenticatedPaths().add(dashboard("")); ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security = http.authorizeRequests() .antMatchers(this.authorizationProperties.getPermitAllPaths().toArray(new String[0])) .permitAll() .antMatchers(this.authorizationProperties.getAuthenticatedPaths().toArray(new String[0])) .authenticated(); security = SecurityConfigUtils.configureSimpleSecurity(security, this.authorizationProperties); security.anyRequest().denyAll(); http.httpBasic().and() .logout() .logoutSuccessUrl(dashboard("/logout-success-oauth.html")) .and().csrf().disable() .exceptionHandling() .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/api/**")) .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/actuator/**")); if (opaqueTokenIntrospector != null) { http.oauth2ResourceServer() .opaqueToken() .introspector(opaqueTokenIntrospector()); } else if (oAuth2ResourceServerProperties.getJwt().getJwkSetUri() != null) { http.oauth2ResourceServer() .jwt() .jwtAuthenticationConverter(grantedAuthoritiesExtractor()); } this.securityStateBean.setAuthenticationEnabled(true); }
Example #10
Source File: BasicAuthSecurityConfiguration.java From spring-cloud-dashboard with Apache License 2.0 | 4 votes |
@Override protected void configure(HttpSecurity http) throws Exception { final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher( contentNegotiationStrategy, MediaType.TEXT_HTML); final String loginPage = dashboard("/#/login"); final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm()); basicAuthenticationEntryPoint.afterPropertiesSet(); http .csrf() .disable() .authorizeRequests() .antMatchers("/") .authenticated() .antMatchers( dashboard("/**"), "/authenticate", "/security/info", "/features", "/assets/**").permitAll() .and() .formLogin().loginPage(loginPage) .loginProcessingUrl(dashboard("/login")) .defaultSuccessUrl(dashboard("/")).permitAll() .and() .logout().logoutUrl(dashboard("/logout")) .logoutSuccessUrl(dashboard("/logout-success.html")) .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll() .and().httpBasic() .and().exceptionHandling() .defaultAuthenticationEntryPointFor( new LoginUrlAuthenticationEntryPoint(loginPage), textHtmlMatcher) .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, AnyRequestMatcher.INSTANCE) .and() .authorizeRequests() .anyRequest().authenticated(); final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>( sessionRepository()); sessionRepositoryFilter .setHttpSessionStrategy(new HeaderHttpSessionStrategy()); http.addFilterBefore(sessionRepositoryFilter, ChannelProcessingFilter.class).csrf().disable(); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED); }
Example #11
Source File: SecurityManagedConfiguration.java From hawkbit with Eclipse Public License 1.0 | 4 votes |
@Override protected void configure(final HttpSecurity http) throws Exception { HttpSecurity httpSec = http.regexMatcher("\\/rest.*|\\/system/admin.*").csrf().disable(); if (securityProperties.getCors().isEnabled()) { httpSec = httpSec.cors().and(); } if (securityProperties.isRequireSsl()) { httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and(); } httpSec.authorizeRequests().anyRequest().authenticated() .antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**") .hasAnyAuthority(SpPermission.SYSTEM_ADMIN); if (oidcBearerTokenAuthenticationFilter != null) { // Only get the first client registration. Testing against every // client could increase the // attack vector ClientRegistration clientRegistration = null; for (final ClientRegistration cr : clientRegistrationRepository) { clientRegistration = cr; break; } Assert.notNull(clientRegistration, "There must be a valid client registration"); httpSec.oauth2ResourceServer().jwt().jwkSetUri(clientRegistration.getProviderDetails().getJwkSetUri()); oidcBearerTokenAuthenticationFilter.setClientRegistration(clientRegistration); httpSec.addFilterAfter(oidcBearerTokenAuthenticationFilter, BearerTokenAuthenticationFilter.class); } else { final BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthEntryPoint.setRealmName(securityProperties.getBasicRealm()); httpSec.addFilterBefore(new Filter() { @Override public void init(final FilterConfig filterConfig) throws ServletException { userAuthenticationFilter.init(filterConfig); } @Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { userAuthenticationFilter.doFilter(request, response, chain); } @Override public void destroy() { userAuthenticationFilter.destroy(); } }, RequestHeaderAuthenticationFilter.class); httpSec.httpBasic().and().exceptionHandling().authenticationEntryPoint(basicAuthEntryPoint); } httpSec.addFilterAfter( new AuthenticationSuccessTenantMetadataCreationFilter(systemManagement, systemSecurityContext), SessionManagementFilter.class); httpSec.anonymous().disable(); httpSec.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); }
Example #12
Source File: AtlasSecurityConfig.java From incubator-atlas with Apache License 2.0 | 4 votes |
public BasicAuthenticationEntryPoint getAuthenticationEntryPoint() { BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName("atlas.com"); return basicAuthenticationEntryPoint; }
Example #13
Source File: MultipleEntryPointsSecurityConfig.java From tutorials with MIT License | 4 votes |
@Bean public AuthenticationEntryPoint authenticationEntryPoint(){ BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint(); entryPoint.setRealmName("admin realm"); return entryPoint; }