org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint Java Examples
The following examples show how to use
org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityConfiguration.java From OAuth-2.0-Cookbook with MIT License | 7 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
.addFilterAfter(openIdConnectFilter, OAuth2ClientContextFilter.class)
.authorizeRequests()
.antMatchers("/").permitAll().and()
.authorizeRequests()
.antMatchers(apiBaseUri).authenticated().and()
.authorizeRequests().anyRequest().authenticated().and()
.httpBasic().authenticationEntryPoint(
new LoginUrlAuthenticationEntryPoint(callbackUri)).and()
.logout()
.logoutSuccessUrl("/")
.permitAll().and()
.csrf().disable();
}
Example #2
| Source File: SecurityConfiguration.java From OAuth-2.0-Cookbook with MIT License | 7 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
.addFilterAfter(openIdConnectFilter, OAuth2ClientContextFilter.class)
.authorizeRequests()
.antMatchers("/").permitAll().and()
.authorizeRequests()
.antMatchers(apiBaseUri).authenticated().and()
.authorizeRequests().anyRequest().authenticated().and()
.httpBasic().authenticationEntryPoint(
new LoginUrlAuthenticationEntryPoint(callbackUri)).and()
.logout()
.logoutSuccessUrl("/")
.permitAll().and()
.csrf().disable();
}
Example #3
| Source File: SecurityConfiguration.java From OAuth-2.0-Cookbook with MIT License | 6 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
.addFilterAfter(facebookLoginFilter, OAuth2ClientContextFilter.class)
.authorizeRequests()
.antMatchers("/", "/callback").permitAll().and()
.authorizeRequests()
.antMatchers("/profile/*").authenticated().and()
.authorizeRequests().anyRequest().authenticated().and()
.httpBasic().authenticationEntryPoint(
new LoginUrlAuthenticationEntryPoint("/callback")).and()
.logout().logoutSuccessUrl("/").permitAll().and()
.headers().frameOptions().disable().and()
.csrf().disable();
}
Example #4
| Source File: SecurityConfig.java From movie-db-java-on-azure with MIT License | 6 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
boolean usingFacebookAuthentication = facebook().getClientId() != null && !facebook().getClientId().isEmpty();
if (usingFacebookAuthentication) {
// @formatter:off
http.antMatcher("/**").authorizeRequests().antMatchers("/**").permitAll().anyRequest()
.authenticated().and().exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")).and().logout()
.logoutSuccessUrl("/").permitAll().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
// @formatter:on
} else {
http.antMatcher("/**").authorizeRequests().anyRequest().permitAll();
}
}
Example #5
| Source File: SecurityConfig.java From Spring with Apache License 2.0 | 5 votes |
|
@Bean
public ExceptionTranslationFilter exceptionTranslationFilter() {
final AuthenticationEntryPoint loginUrlAuthenticationEntryPoint
= new LoginUrlAuthenticationEntryPoint("/login.jsp");
final AccessDeniedHandlerImpl accessDeniedHandlerImpl = new AccessDeniedHandlerImpl();
accessDeniedHandlerImpl.setErrorPage("/accessDenied.jsp");
final ExceptionTranslationFilter eTranslationFilter = new ExceptionTranslationFilter(loginUrlAuthenticationEntryPoint);
eTranslationFilter.setAccessDeniedHandler(accessDeniedHandlerImpl);
return eTranslationFilter;
}
Example #6
| Source File: SecurityConfig.java From Vaadin4Spring-MVP-Sample-SpringSecurity with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
.and()
.authorizeRequests()
.antMatchers("/**").permitAll()
.and()
.rememberMe()
.key("vaadin4spring")
.rememberMeServices(persistentTokenBasedRememberMeServices())
.and()
.csrf().disable();
}
Example #7
| Source File: WebAnnoSecurity.java From webanno with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity aHttp) throws Exception
{
aHttp
.rememberMe()
.and()
.csrf().disable()
.authorizeRequests()
.antMatchers("/login.html*").permitAll()
// Resources need to be publicly accessible so they don't trigger the login
// page. Otherwise it could happen that the user is redirected to a resource
// upon login instead of being forwarded to a proper application page.
.antMatchers("/favicon.ico").permitAll()
.antMatchers("/favicon.png").permitAll()
.antMatchers("/assets/**").permitAll()
.antMatchers("/images/**").permitAll()
.antMatchers("/resources/**").permitAll()
.antMatchers("/wicket/resource/**").permitAll()
.antMatchers("/swagger-ui.html").access("hasAnyRole('ROLE_REMOTE')")
.antMatchers("/admin/**").access("hasAnyRole('ROLE_ADMIN')")
.antMatchers("/doc/**").access("hasAnyRole('ROLE_ADMIN', 'ROLE_USER')")
.antMatchers("/**").access("hasAnyRole('ROLE_ADMIN', 'ROLE_USER')")
.anyRequest().denyAll()
.and()
.exceptionHandling()
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint("/login.html"),
new AntPathRequestMatcher("/**"))
.and()
.headers().frameOptions().sameOrigin();
}
Example #8
| Source File: AjaxSupportedAuthenticationEntryPoint.java From onetwo with Apache License 2.0 | 5 votes |
|
@Override
public void afterPropertiesSet() throws Exception {
if(defaultAuthenticationEntryPoint==null){
LoginUrlAuthenticationEntryPoint entryPoint = new LoginUrlAuthenticationEntryPoint(securityConfig.getLoginUrl());
entryPoint.setForceHttps(forceHttps);
entryPoint.setPortMapper(new PortMapperImpl(){
public Integer lookupHttpsPort(Integer httpPort) {
Integer port = super.lookupHttpsPort(httpPort);
return port==null?httpsPort:port;
}
});
PropertyAccessorFactory.forDirectFieldAccess(entryPoint).setPropertyValue("redirectStrategy.contextRelative", contextRelative);
this.defaultAuthenticationEntryPoint = entryPoint;
}
}
Example #9
| Source File: IdolSecurity.java From find with MIT License | 5 votes |
|
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
final LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
entryPoints.put(new AntPathRequestMatcher("/api/**"), new Http403ForbiddenEntryPoint());
entryPoints.put(AnyRequestMatcher.INSTANCE, new LoginUrlAuthenticationEntryPoint(FindController.DEFAULT_LOGIN_PAGE));
final AuthenticationEntryPoint authenticationEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
http
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.accessDeniedPage("/authentication-error")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(FindController.DEFAULT_LOGIN_PAGE)
.and()
.authorizeRequests()
.antMatchers(FindController.APP_PATH + "/**").hasAnyRole(FindRole.USER.name())
.antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
.antMatchers("/api/public/**").hasRole(FindRole.USER.name())
.antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
.antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
.antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
.antMatchers(FindController.DEFAULT_LOGIN_PAGE).permitAll()
.antMatchers(FindController.LOGIN_PATH).permitAll()
.antMatchers("/").permitAll()
.anyRequest().denyAll()
.and()
.headers()
.defaultsDisabled()
.frameOptions()
.sameOrigin();
idolSecurityCustomizer.customize(http, authenticationManager());
}
Example #10
| Source File: WebSecurityConfig.java From mojito with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
logger.debug("Configuring web security");
http.headers().cacheControl().disable();
http.csrf().ignoringAntMatchers("/shutdown", "/api/rotation");
http.authorizeRequests()
.antMatchers("/intl/*", "/img/*", "/fonts/*", "/login/**", "/webjars/**", "/cli/**", "/health").permitAll()
.antMatchers("/shutdown", "/api/rotation").hasIpAddress("127.0.0.1").anyRequest().permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
.loginPage("/login")
.successHandler(new ShowPageAuthenticationSuccessHandler())
.and()
.logout().logoutSuccessUrl("/login?logout").permitAll();
if (headerAuth) {
http.addFilterBefore(requestHeaderAuthenticationFilter(), BasicAuthenticationFilter.class);
}
if (oauth2Enabled) {
http.addFilterBefore(oauthFilter(), BasicAuthenticationFilter.class);
}
http.exceptionHandling().defaultAuthenticationEntryPointFor(new Http401AuthenticationEntryPoint("API_UNAUTHORIZED"), new AntPathRequestMatcher("/api/*"));
http.exceptionHandling().defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint(oauth2Enabled ? "/login/oauth" : "/login"), new AntPathRequestMatcher("/*"));
}
Example #11
| Source File: AuthConfiguration.java From apollo with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.headers().frameOptions().sameOrigin();
http.authorizeRequests()
.antMatchers(BY_PASS_URLS).permitAll()
.antMatchers("/**").authenticated();
http.formLogin().loginPage("/signin").defaultSuccessUrl("/", true).permitAll().failureUrl("/signin?#/error").and()
.httpBasic();
http.logout().logoutUrl("/user/logout").invalidateHttpSession(true).clearAuthentication(true)
.logoutSuccessUrl("/signin?#/logout");
http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin"));
}
Example #12
| Source File: AuthConfiguration.java From apollo with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.headers().frameOptions().sameOrigin();
http.authorizeRequests()
.antMatchers(BY_PASS_URLS).permitAll()
.antMatchers("/**").hasAnyRole(USER_ROLE);
http.formLogin().loginPage("/signin").defaultSuccessUrl("/", true).permitAll().failureUrl("/signin?#/error").and()
.httpBasic();
http.logout().logoutUrl("/user/logout").invalidateHttpSession(true).clearAuthentication(true)
.logoutSuccessUrl("/signin?#/logout");
http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin"));
}
Example #13
| Source File: InceptionSecurity.java From inception with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity aHttp) throws Exception
{
aHttp
.rememberMe()
.and()
.csrf().disable()
.authorizeRequests()
.antMatchers("/login.html*").permitAll()
// Resources need to be publicly accessible so they don't trigger the login
// page. Otherwise it could happen that the user is redirected to a resource
// upon login instead of being forwarded to a proper application page.
.antMatchers("/favicon.ico").permitAll()
.antMatchers("/favicon.png").permitAll()
.antMatchers("/assets/**").permitAll()
.antMatchers("/images/**").permitAll()
.antMatchers("/resources/**").permitAll()
.antMatchers("/wicket/resource/**").permitAll()
.antMatchers("/swagger-ui.html").access("hasAnyRole('ROLE_REMOTE')")
.antMatchers("/admin/**").access("hasAnyRole('ROLE_ADMIN')")
.antMatchers("/doc/**").access("hasAnyRole('ROLE_ADMIN', 'ROLE_USER')")
.antMatchers("/**").access("hasAnyRole('ROLE_ADMIN', 'ROLE_USER')")
.anyRequest().denyAll()
.and()
.exceptionHandling()
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint("/login.html"),
new AntPathRequestMatcher("/**"))
.and()
.headers().frameOptions().sameOrigin();
}
Example #14
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
@Bean
public LoginUrlAuthenticationEntryPoint loginUrlAuthenticationEntryPoint(){
return new LoginUrlAuthenticationEntryPoint("/login/form");
}
Example #15
| Source File: RestAwareExceptionTranslationFilter.java From yes-cart with Apache License 2.0 | 4 votes |
|
public RestAwareExceptionTranslationFilter(final String loginFormUrl) {
super(new LoginUrlAuthenticationEntryPoint(loginFormUrl));
}
Example #16
| Source File: BasicAuthSecurityConfiguration.java From spring-cloud-dashboard with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
contentNegotiationStrategy,
MediaType.TEXT_HTML);
final String loginPage = dashboard("/#/login");
final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
basicAuthenticationEntryPoint.afterPropertiesSet();
http
.csrf()
.disable()
.authorizeRequests()
.antMatchers("/")
.authenticated()
.antMatchers(
dashboard("/**"),
"/authenticate",
"/security/info",
"/features",
"/assets/**").permitAll()
.and()
.formLogin().loginPage(loginPage)
.loginProcessingUrl(dashboard("/login"))
.defaultSuccessUrl(dashboard("/")).permitAll()
.and()
.logout().logoutUrl(dashboard("/logout"))
.logoutSuccessUrl(dashboard("/logout-success.html"))
.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
.and().httpBasic()
.and().exceptionHandling()
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint(loginPage),
textHtmlMatcher)
.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint,
AnyRequestMatcher.INSTANCE)
.and()
.authorizeRequests()
.anyRequest().authenticated();
final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
sessionRepository());
sessionRepositoryFilter
.setHttpSessionStrategy(new HeaderHttpSessionStrategy());
http.addFilterBefore(sessionRepositoryFilter,
ChannelProcessingFilter.class).csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
Example #17
| Source File: SecurityManagedConfiguration.java From hawkbit with Eclipse Public License 1.0 | 4 votes |
|
@Override
protected void configure(final HttpSecurity http) throws Exception {
final boolean enableOidc = oidcUserService != null && authenticationSuccessHandler != null;
// workaround regex: we need to exclude the URL /UI/HEARTBEAT here
// because we bound the vaadin application to /UI and not to root,
// described in vaadin-forum:
// https://vaadin.com/forum#!/thread/3200565.
HttpSecurity httpSec;
if (enableOidc) {
httpSec = http.regexMatcher("(?!.*HEARTBEAT)^.*\\/(UI|oauth2).*$");
} else {
httpSec = http.regexMatcher("(?!.*HEARTBEAT)^.*\\/UI.*$");
}
// disable as CSRF is handled by Vaadin
httpSec.csrf().disable();
if (hawkbitSecurityProperties.isRequireSsl()) {
httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
} else {
LOG.info(
"\"******************\\n** Requires HTTPS Security has been disabled for UI, should only be used for developing purposes **\\n******************\"");
}
if (!StringUtils.isEmpty(hawkbitSecurityProperties.getContentSecurityPolicy())) {
httpSec.headers().contentSecurityPolicy(hawkbitSecurityProperties.getContentSecurityPolicy());
}
// UI
httpSec.authorizeRequests().antMatchers("/UI/login/**", "/UI/UIDL/**").permitAll()
.anyRequest().authenticated();
if (enableOidc) {
// OIDC
httpSec.oauth2Login().userInfoEndpoint().oidcUserService(oidcUserService).and()
.successHandler(authenticationSuccessHandler).and().oauth2Client();
} else {
// UI login / Basic auth
httpSec.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/UI/login"));
}
// UI logout
httpSec.logout().logoutUrl("/UI/logout*").addLogoutHandler(logoutHandler)
.logoutSuccessHandler(logoutSuccessHandler);
}
Example #18
| Source File: WebSecurityConfig.java From jvue-admin with MIT License | 4 votes |
|
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.csrf().disable()
// .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
// .and()
.userDetailsService(userDetailsService)
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers("/login").permitAll()
.antMatchers("/error").permitAll()
.antMatchers("/pub/**").permitAll()
.antMatchers("/v2/api-docs").permitAll()
.antMatchers("/*.html").permitAll()
.antMatchers("/**/*.html").permitAll()
.antMatchers("/swagger-resources").permitAll()
.antMatchers("/swagger-resources/**").permitAll()
.antMatchers("/","/admin/").permitAll()
.antMatchers("/admin/**","/**/favicon.ico", "/webjars/**").permitAll()
.antMatchers("/**").authenticated()
.and()
.formLogin()
// .loginPage("/login")
.usernameParameter("username")
.passwordParameter("password")
.successHandler(authenticationSuccessHandler())
.failureHandler(authenticationFailureHandler())
.permitAll()
.and()
.oauth2Login()
.successHandler(oauth2SuccessHandler())
.and().
rememberMe()/* weex下cookie有问题 .alwaysRemember(true)*/
//.alwaysRemember(true)
.tokenValiditySeconds(840000)
.tokenRepository(tokenRepository())
.and()
.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler)
.and()
.headers().cacheControl();
// httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
// authenticationEntryPoint(entryPointUnauthorizedHandler)
RequestMatcher preferredMatcher = new AntPathRequestMatcher("/api/**");
RequestMatcher allMatcher = new AntPathRequestMatcher("/**");
httpSecurity.exceptionHandling()
.defaultAuthenticationEntryPointFor(entryPointUnauthorizedHandler, preferredMatcher)
.defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint("/login"), allMatcher)
.accessDeniedHandler(restAccessDeniedHandler);
}
Example #19
| Source File: SecurityConfiguration.java From spring-google-openidconnect with MIT License | 4 votes |
|
@Bean
public AuthenticationEntryPoint authenticationEntryPoint() {
return new LoginUrlAuthenticationEntryPoint(LOGIN_URL);
}
Example #20
| Source File: CrustConfigurerAdapter.java From Milkomeda with MIT License | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.sessionManagement().sessionCreationPolicy(props.isStateless() ?
SessionCreationPolicy.STATELESS : SessionCreationPolicy.IF_REQUIRED).and()
.formLogin().disable()
// 支持跨域,从CorsConfigurationSource中取跨域配置
.cors()
.and()
// 禁用iframe跨域
.headers()
.frameOptions()
.disable();
// 配置预设置
presetConfigure(http);
// 如果是无状态方式
if (props.isStateless()) {
// 应用Token认证配置器,忽略登出请求
http.apply(new CrustAuthenticationConfigurer<>(authFailureHandler())).permissiveRequestUrls(props.getLogoutUrl())
.and()
.logout()
.logoutUrl(props.getLogoutUrl())
.addLogoutHandler((req, res, auth) -> CrustContext.invalidate())
.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
} else {
// 自定义session方式登录
http.httpBasic().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint(props.getLoginUrl()))
.and()
.sessionManagement()
.sessionFixation().changeSessionId()
.sessionAuthenticationErrorUrl(props.getLoginUrl())
.sessionAuthenticationFailureHandler(authFailureHandler().get()).and()
.logout()
.logoutUrl(props.getLogoutUrl())
.addLogoutHandler((req, res, auth) -> CrustContext.invalidate())
.logoutSuccessUrl(props.getLoginUrl())
.invalidateHttpSession(true);
}
}
Example #21
| Source File: MolgenisWebAppSecurityConfig.java From molgenis with GNU Lesser General Public License v3.0 | 4 votes |
|
@Bean
public LoginUrlAuthenticationEntryPoint authenticationEntryPoint() {
return new AjaxAwareLoginUrlAuthenticationEntryPoint(MolgenisLoginController.URI);
}
Example #22
| Source File: MultipleEntryPointsSecurityConfig.java From tutorials with MIT License | 4 votes |
|
@Bean
public AuthenticationEntryPoint loginUrlauthenticationEntryPoint(){
return new LoginUrlAuthenticationEntryPoint("/userLogin");
}
Example #23
| Source File: MultipleEntryPointsSecurityConfig.java From tutorials with MIT License | 4 votes |
|
@Bean
public AuthenticationEntryPoint loginUrlauthenticationEntryPointWithWarning(){
return new LoginUrlAuthenticationEntryPoint("/userLoginWithWarning");
}
