org.springframework.security.web.FilterChainProxy Java Exaples

Source File: OAuth2Configuration.java From okta-jhipster-microservices-oauth-example with Apache License 2.0

6 votes

@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
    if (bean instanceof FilterChainProxy) {

        FilterChainProxy chains = (FilterChainProxy) bean;

        for (SecurityFilterChain chain : chains.getFilterChains()) {
            for (Filter filter : chain.getFilters()) {
                if (filter instanceof OAuth2ClientAuthenticationProcessingFilter) {
                    OAuth2ClientAuthenticationProcessingFilter oAuth2ClientAuthenticationProcessingFilter =
                        (OAuth2ClientAuthenticationProcessingFilter) filter;
                    oAuth2ClientAuthenticationProcessingFilter
                        .setAuthenticationSuccessHandler(new OAuth2AuthenticationSuccessHandler());
                }
            }
        }
    }
    return bean;
}

Source File: InsightsSecurityConfigurationAdapter.java From Insights with Apache License 2.0

6 votes

/**
 * Used to add necessary filter for Grafana Authentication
 * 
 * @return
 * @throws Exception
 */
@Bean
@Conditional(InsightsNativeBeanInitializationCondition.class)
public FilterChainProxy insightsFilter() throws Exception {
	LOG.debug("message Inside FilterChainProxy, initial bean InsightsSecurityConfigurationAdapter **** ");

	List<Filter> filters = new ArrayList<>();
	filters.add(0, new InsightsCustomCsrfFilter());
	filters.add(1, new InsightsCrossScriptingFilter());
	filters.add(2, insightsProcessingFilter());
	filters.add(3, new InsightsResponseHeaderWriterFilter());

	AuthenticationUtils
			.setSecurityFilterchain(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/**"), filters));//chains.add

	return new FilterChainProxy(AuthenticationUtils.getSecurityFilterchains());
}

Source File: WebSecurityConfig.java From spring-tsers-auth with Apache License 2.0

6 votes

@Bean
public FilterChainProxy samlFilter() throws Exception {
    List<SecurityFilterChain> chains = new ArrayList<SecurityFilterChain>();
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
            samlEntryPoint()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
            samlLogoutFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
            metadataDisplayFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
            samlWebSSOProcessingFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSOHoK/**"),
            samlWebSSOHoKProcessingFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
            samlLogoutProcessingFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
            samlIDPDiscovery()));
    return new FilterChainProxy(chains);
}

Source File: SAMLConfigurer.java From spring-security-saml-dsl with MIT License

6 votes

private FilterChainProxy samlFilter(SAMLEntryPoint samlEntryPoint, SAMLLogoutFilter samlLogoutFilter,
									SAMLLogoutProcessingFilter samlLogoutProcessingFilter, SAMLContextProvider contextProvider) {
	List<SecurityFilterChain> chains = new ArrayList<>();
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
		samlEntryPoint));
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
		samlLogoutFilter));
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
		metadataDisplayFilter(contextProvider)));
	try {
		chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
			samlWebSSOProcessingFilter(samlAuthenticationProvider, contextProvider, samlProcessor)));
	} catch (Exception e) {
		e.printStackTrace();
	}
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
			samlLogoutProcessingFilter));
	SAMLDiscovery samlDiscovery = new SAMLDiscovery();
	samlDiscovery.setMetadata(cachingMetadataManager);
	samlDiscovery.setContextProvider(contextProvider);
	chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
		samlDiscovery));
	return new FilterChainProxy(chains);
}

Source File: SecurityFilterConfig.java From cosmo with Apache License 2.0

6 votes

@Bean
public FilterRegistrationBean<?> securityFilterChain() {
    FilterSecurityInterceptor securityFilter = new FilterSecurityInterceptor();
    securityFilter.setAuthenticationManager(this.authManager);
    securityFilter.setAccessDecisionManager(this.davDecisionManager);
    LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> metadata = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
    metadata.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList(ROLES));
    securityFilter.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(metadata));

    /*
     * Note that the order in which filters are defined is highly important.
     */
    SecurityFilterChain filterChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE,
            this.cosmoExceptionFilter, this.extraTicketFilter, this.ticketFilter,
            new BasicAuthenticationFilter(authManager, this.authEntryPoint), securityFilter);
    FilterChainProxy proxy = new FilterChainProxy(filterChain);
    proxy.setFirewall(this.httpFirewall);
    FilterRegistrationBean<?> filterBean = new FilterRegistrationBean<>(proxy);
    filterBean.addUrlPatterns(PATH_DAV);
    return filterBean;
}

Source File: WebSecurityConfig.java From spring-boot-security-saml-sample with Apache License 2.0

6 votes

/**
* Define the security filter chain in order to support SSO Auth by using SAML 2.0
* 
* @return Filter chain proxy
* @throws Exception
*/
  @Bean
  public FilterChainProxy samlFilter() throws Exception {
      List<SecurityFilterChain> chains = new ArrayList<SecurityFilterChain>();
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
              samlEntryPoint()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
              samlLogoutFilter()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
              metadataDisplayFilter()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
              samlWebSSOProcessingFilter()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSOHoK/**"),
              samlWebSSOHoKProcessingFilter()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
              samlLogoutProcessingFilter()));
      chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
              samlIDPDiscovery()));
      return new FilterChainProxy(chains);
  }

Source File: AuthenticationHandler.java From blackduck-alert with Apache License 2.0

5 votes

@Bean
public FilterChainProxy samlFilter() throws Exception {
    List<SecurityFilterChain> chains = new ArrayList<>();

    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"), samlEntryPoint()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"), samlWebSSOProcessingFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"), samlLogoutFilter()));
    chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"), samlLogoutProcessingFilter()));
    return new AlertFilterChainProxy(chains, samlContext());
}

Source File: InsightsSecurityConfigurationAdapterSAML.java From Insights with Apache License 2.0

5 votes

/**
 * Used to add filter in saml flow, This will call right filter based on Request
 * Matcher pattern
 * 
 * @return
 * @throws Exception
 */
@Bean
@Conditional(InsightsSAMLBeanInitializationCondition.class)
public FilterChainProxy samlFilter() throws Exception {
	LOG.debug("message Inside FilterChainProxy, initial bean **** ");

	AuthenticationUtils.setSecurityFilterchain(
			new DefaultSecurityFilterChain(new AntPathRequestMatcher("/metadata/**"), metadataDisplayFilter()));//chains.add

	AuthenticationUtils.setSecurityFilterchain(
			new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"), samlEntryPoint()));

	AuthenticationUtils.setSecurityFilterchain(new DefaultSecurityFilterChain(
			new AntPathRequestMatcher("/saml/SSO/**"), samlWebSSOProcessingFilter()));

	AuthenticationUtils.setSecurityFilterchain(
			new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"), samlLogoutFilter()));

	AuthenticationUtils.setSecurityFilterchain(new DefaultSecurityFilterChain(
			new AntPathRequestMatcher("/saml/SingleLogout/**"), samlLogoutProcessingFilter()));

	AuthenticationUtils.setSecurityFilterchain(new DefaultSecurityFilterChain(
			new AntPathRequestMatcher("/user/insightsso/**"), insightsSSOProcessingFilter()));

	List<Filter> filters = new ArrayList<>();
	filters.add(0, new InsightsCustomCsrfFilter());
	filters.add(1, new InsightsCrossScriptingFilter());
	filters.add(2, insightsServiceProcessingFilter());
	filters.add(3, new InsightsResponseHeaderWriterFilter());

	AuthenticationUtils
			.setSecurityFilterchain(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/**"), filters));

	return new FilterChainProxy(AuthenticationUtils.getSecurityFilterchains());//chains

}

Source File: InsightsSecurityConfigurationAdapterKerberos.java From Insights with Apache License 2.0

5 votes

/**
 * Used to add filter chain based on Request Matcher
 * 
 * @return
 * @throws Exception
 */
@Bean
@Conditional(InsightsKerberosBeanInitializationCondition.class)
public FilterChainProxy kerberosFilter() throws Exception {
	LOG.debug("message Inside InsightsSecurityConfigurationAdapterKerberos FilterChainProxy, initial bean **** ");

	/*AuthenticationUtils.setSecurityFilterchain(
			new DefaultSecurityFilterChain(new AntPathRequestMatcher("/kerberos/login/**"), spnegoEntryPoint()));*/

	/*AuthenticationUtils.setSecurityFilterchain(new DefaultSecurityFilterChain(
			new AntPathRequestMatcher("/user/insightsso/**"), insightsSSOProcessingFilter()));*/

	List<Filter> filters = new ArrayList<>();
	filters.add(0, new InsightsCustomCsrfFilter());
	filters.add(1, new InsightsCrossScriptingFilter());
	filters.add(2, insightsServiceProcessingFilter());
	filters.add(3, new InsightsResponseHeaderWriterFilter());

	AuthenticationUtils
			.setSecurityFilterchain(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/**"), filters));

	ListIterator<SecurityFilterChain> securityFilters = AuthenticationUtils.getSecurityFilterchains()
			.listIterator();
	while (securityFilters.hasNext()) {
		SecurityFilterChain as = securityFilters.next();
		LOG.debug("message Inside FilterChainProxy, initial bean name {} **** ",
				Arrays.toString(as.getFilters().toArray()));
	}

	return new FilterChainProxy(AuthenticationUtils.getSecurityFilterchains());//chains
}

Source File: AppSpringModuleConfig.java From herd with Apache License 2.0

5 votes

/**
 * Gets a filter chain proxy.
 *
 * @param trustedUserAuthenticationFilter the trusted user authentication filter.
 * @param httpHeaderAuthenticationFilter the HTTP header authentication filter.
 *
 * @return the filter chain proxy.
 */
@Bean
public FilterChainProxy filterChainProxy(final TrustedUserAuthenticationFilter trustedUserAuthenticationFilter,
    final HttpHeaderAuthenticationFilter httpHeaderAuthenticationFilter)
{
    return new FilterChainProxy(new SecurityFilterChain()
    {
        @Override
        public boolean matches(HttpServletRequest request)
        {
            // Match all URLs.
            return true;
        }

        @Override
        public List<Filter> getFilters()
        {
            List<Filter> filters = new ArrayList<>();

            // Required filter to store session information between HTTP requests.
            filters.add(new SecurityContextPersistenceFilter());

            // Trusted user filter to bypass security based on SpEL expression environment property.
            filters.add(trustedUserAuthenticationFilter);

            // Filter that authenticates based on http headers.
            if (Boolean.valueOf(configurationHelper.getProperty(ConfigurationValue.SECURITY_HTTP_HEADER_ENABLED)))
            {
                filters.add(httpHeaderAuthenticationFilter);
            }

            // Anonymous user filter.
            filters.add(new AnonymousAuthenticationFilter("AnonymousFilterKey"));

            return filters;
        }
    });
}

Source File: MainController.java From tutorials with MIT License

5 votes

@RequestMapping(method = RequestMethod.GET, value = "/filters")
@ResponseBody
public void getFilters() {
    FilterChainProxy filterChainProxy = (FilterChainProxy) springSecurityFilterChain;
    List<SecurityFilterChain> list = filterChainProxy.getFilterChains();
    list.stream()
          .flatMap(chain -> chain.getFilters().stream())
          .forEach(filter -> System.out.println(filter.getClass()));
}

org.springframework.security.web.FilterChainProxy Java Examples