org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint#setRealmName

Source File: SecurityConfiguration.java From cloud-security-xsuaa-integration with Apache License 2.0

6 votes

@Override
protected void configure(HttpSecurity http) throws Exception {

	//enforce browser login popup with basic authentication
	BasicAuthenticationEntryPoint authEntryPoint = new BasicAuthenticationEntryPoint();
	authEntryPoint.setRealmName("spring-security-basic-auth");

	// @formatter:off
	http.authorizeRequests()
			.antMatchers("/hello-token").hasAuthority("Display")
			.anyRequest().authenticated()
		.and()
			.sessionManagement()
			.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
		.and().exceptionHandling().authenticationEntryPoint(authEntryPoint).and()
			.oauth2ResourceServer()
			.bearerTokenResolver(getTokenBrokerResolver())
			.jwt()
			.jwtAuthenticationConverter(jwtAuthenticationConverter());

	// @formatter:on
}

Source File: BasicSpringSecurityConfig.java From freeacs with MIT License

4 votes

private BasicAuthenticationEntryPoint basicEntryPoint() {
    BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName("FreeACS");
    return basicAuthenticationEntryPoint;
}

Source File: BasicAuthConfig.java From ods-provisioning-app with Apache License 2.0

4 votes

@Bean
public BasicAuthenticationEntryPoint basicAuthEntryPoint() {
  BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
  entryPoint.setRealmName(idManagerRealm);
  return entryPoint;
}

Source File: BasicAuthSecurityTestConfig.java From ods-provisioning-app with Apache License 2.0

4 votes

@Bean
public BasicAuthenticationEntryPoint basicAuthenticationEntryPoint() {
  BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
  entryPoint.setRealmName(TEST_REALM);
  return entryPoint;
}

Source File: BasicAuthenticationSpringConfiguration.java From promregator with Apache License 2.0

4 votes

@Bean
public BasicAuthenticationEntryPoint basicAuthEntryPoint() {
	BasicAuthenticationEntryPoint bauth = new BasicAuthenticationEntryPoint();
	bauth.setRealmName("Promregator");
	return bauth;
}

Source File: SkipperOAuthSecurityConfiguration.java From spring-cloud-skipper with Apache License 2.0

4 votes

@Override
protected void configure(HttpSecurity http) throws Exception {

	final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
	basicAuthenticationEntryPoint.setRealmName(SecurityConfigUtils.BASIC_AUTH_REALM_NAME);
	basicAuthenticationEntryPoint.afterPropertiesSet();

	if (opaqueTokenIntrospector != null) {
		BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(
				providerManager(), basicAuthenticationEntryPoint);
		http.addFilter(basicAuthenticationFilter);
	}

	this.authorizationProperties.getAuthenticatedPaths().add(dashboard("/**"));
	this.authorizationProperties.getAuthenticatedPaths().add(dashboard(""));

	ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security =
			http.authorizeRequests()
					.antMatchers(this.authorizationProperties.getPermitAllPaths().toArray(new String[0]))
					.permitAll()
	.antMatchers(this.authorizationProperties.getAuthenticatedPaths().toArray(new String[0]))
	.authenticated();

	security = SecurityConfigUtils.configureSimpleSecurity(security, this.authorizationProperties);
	security.anyRequest().denyAll();

	http.httpBasic().and()
			.logout()
			.logoutSuccessUrl(dashboard("/logout-success-oauth.html"))
			.and().csrf().disable()
			.exceptionHandling()
			.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/api/**"))
			.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/actuator/**"));

	if (opaqueTokenIntrospector != null) {
		http.oauth2ResourceServer()
			.opaqueToken()
				.introspector(opaqueTokenIntrospector());
	} else if (oAuth2ResourceServerProperties.getJwt().getJwkSetUri() != null) {
		http.oauth2ResourceServer()
			.jwt()
				.jwtAuthenticationConverter(grantedAuthoritiesExtractor());
	}

	this.securityStateBean.setAuthenticationEnabled(true);
}

Source File: BasicAuthSecurityConfiguration.java From spring-cloud-dashboard with Apache License 2.0

4 votes

@Override
protected void configure(HttpSecurity http) throws Exception {
	final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
			contentNegotiationStrategy,
			MediaType.TEXT_HTML);

	final String loginPage = dashboard("/#/login");

	final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
	basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
	basicAuthenticationEntryPoint.afterPropertiesSet();

	http
		.csrf()
		.disable()
		.authorizeRequests()
		.antMatchers("/")
		.authenticated()
		.antMatchers(
				dashboard("/**"),
				"/authenticate",
				"/security/info",
				"/features",
				"/assets/**").permitAll()
	.and()
		.formLogin().loginPage(loginPage)
		.loginProcessingUrl(dashboard("/login"))
		.defaultSuccessUrl(dashboard("/")).permitAll()
	.and()
		.logout().logoutUrl(dashboard("/logout"))
			.logoutSuccessUrl(dashboard("/logout-success.html"))
		.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
	.and().httpBasic()
		.and().exceptionHandling()
		.defaultAuthenticationEntryPointFor(
				new LoginUrlAuthenticationEntryPoint(loginPage),
				textHtmlMatcher)
		.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint,
				AnyRequestMatcher.INSTANCE)
	.and()
		.authorizeRequests()
		.anyRequest().authenticated();

	final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
			sessionRepository());
	sessionRepositoryFilter
			.setHttpSessionStrategy(new HeaderHttpSessionStrategy());

	http.addFilterBefore(sessionRepositoryFilter,
			ChannelProcessingFilter.class).csrf().disable();
	http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}

Source File: SecurityManagedConfiguration.java From hawkbit with Eclipse Public License 1.0

4 votes

@Override
protected void configure(final HttpSecurity http) throws Exception {

    HttpSecurity httpSec = http.regexMatcher("\\/rest.*|\\/system/admin.*").csrf().disable();

    if (securityProperties.getCors().isEnabled()) {
        httpSec = httpSec.cors().and();
    }

    if (securityProperties.isRequireSsl()) {
        httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
    }

    httpSec.authorizeRequests().anyRequest().authenticated()
            .antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
            .hasAnyAuthority(SpPermission.SYSTEM_ADMIN);

    if (oidcBearerTokenAuthenticationFilter != null) {

        // Only get the first client registration. Testing against every
        // client could increase the
        // attack vector
        ClientRegistration clientRegistration = null;
        for (final ClientRegistration cr : clientRegistrationRepository) {
            clientRegistration = cr;
            break;
        }

        Assert.notNull(clientRegistration, "There must be a valid client registration");
        httpSec.oauth2ResourceServer().jwt().jwkSetUri(clientRegistration.getProviderDetails().getJwkSetUri());

        oidcBearerTokenAuthenticationFilter.setClientRegistration(clientRegistration);

        httpSec.addFilterAfter(oidcBearerTokenAuthenticationFilter, BearerTokenAuthenticationFilter.class);
    } else {
        final BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint();
        basicAuthEntryPoint.setRealmName(securityProperties.getBasicRealm());

        httpSec.addFilterBefore(new Filter() {
            @Override
            public void init(final FilterConfig filterConfig) throws ServletException {
                userAuthenticationFilter.init(filterConfig);
            }

            @Override
            public void doFilter(final ServletRequest request, final ServletResponse response,
                    final FilterChain chain) throws IOException, ServletException {
                userAuthenticationFilter.doFilter(request, response, chain);
            }

            @Override
            public void destroy() {
                userAuthenticationFilter.destroy();
            }
        }, RequestHeaderAuthenticationFilter.class);
        httpSec.httpBasic().and().exceptionHandling().authenticationEntryPoint(basicAuthEntryPoint);
    }

    httpSec.addFilterAfter(
            new AuthenticationSuccessTenantMetadataCreationFilter(systemManagement, systemSecurityContext),
            SessionManagementFilter.class);

    httpSec.anonymous().disable();
    httpSec.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}

Source File: AtlasSecurityConfig.java From incubator-atlas with Apache License 2.0

4 votes

public BasicAuthenticationEntryPoint getAuthenticationEntryPoint() {
    BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName("atlas.com");
    return basicAuthenticationEntryPoint;
}

Source File: MultipleEntryPointsSecurityConfig.java From tutorials with MIT License

4 votes

@Bean
public AuthenticationEntryPoint authenticationEntryPoint(){
    BasicAuthenticationEntryPoint entryPoint = new  BasicAuthenticationEntryPoint();
    entryPoint.setRealmName("admin realm");
    return entryPoint;
}

Java Code Examples for org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint#setRealmName()