org.springframework.security.cas.web.CasAuthenticationFilter Java Examples
The following examples show how to use
org.springframework.security.cas.web.CasAuthenticationFilter.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityConfiguration.java From demo-spring-security-cas with Apache License 2.0 | 6 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterAfter(new CsrfCookieGeneratorFilter(), CsrfFilter.class).exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint()).and().addFilter(casAuthenticationFilter())
.addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class)
.addFilterBefore(requestCasGlobalLogoutFilter(), LogoutFilter.class);
http.headers().frameOptions().disable().authorizeRequests().antMatchers("/").permitAll()
.antMatchers("/login", "/logout", "/secure").authenticated().antMatchers("/filtered")
.hasAuthority(AuthoritiesConstants.ADMIN).anyRequest().authenticated();
/**
* <logout invalidate-session="true" delete-cookies="JSESSIONID" />
*/
http.logout().logoutUrl("/logout").logoutSuccessUrl("/").invalidateHttpSession(true)
.deleteCookies("JSESSIONID");
// http.csrf();
}
Example #2
| Source File: WebSecurityConfig.java From dubbo-postman with MIT License | 5 votes |
|
/**
* 认证过滤器
*/
public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setAuthenticationManager(authenticationManager());
filter.setFilterProcessesUrl("/cas_security_check");
return filter;
}
Example #3
| Source File: WebSecurityConfig.java From tutorials with MIT License | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers( "/secured", "/login").authenticated()
.and()
.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint())
.and()
.addFilterBefore(singleSignOutFilter, CasAuthenticationFilter.class)
.addFilterBefore(logoutFilter, LogoutFilter.class)
.csrf().ignoringAntMatchers("/exit/cas");
}
Example #4
| Source File: CasSecuredApplication.java From tutorials with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casAuthenticationFilter(
AuthenticationManager authenticationManager,
ServiceProperties serviceProperties) throws Exception {
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setAuthenticationManager(authenticationManager);
filter.setServiceProperties(serviceProperties);
return filter;
}
Example #5
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
casAuthenticationFilter.setAuthenticationManager(authenticationManager);
casAuthenticationFilter.setFilterProcessesUrl("/login");
return casAuthenticationFilter;
}
Example #6
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter caf = new CasAuthenticationFilter();
caf.setAuthenticationManager(authenticationManager);
caf.setFilterProcessesUrl("/login");
caf.setProxyGrantingTicketStorage(pgtStorage());
caf.setProxyReceptorUrl("/pgtUrl");
caf.setServiceProperties(serviceProperties());
caf.setAuthenticationDetailsSource(
new ServiceAuthenticationDetailsSource(
serviceProperties())
);
return caf;
}
Example #7
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter caf = new CasAuthenticationFilter();
caf.setAuthenticationManager(authenticationManager);
caf.setFilterProcessesUrl("/login");
caf.setProxyGrantingTicketStorage(pgtStorage());
caf.setProxyReceptorUrl("/pgtUrl");
caf.setServiceProperties(serviceProperties());
caf.setAuthenticationDetailsSource(
new ServiceAuthenticationDetailsSource(
serviceProperties())
);
return caf;
}
Example #8
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter caf = new CasAuthenticationFilter();
caf.setAuthenticationManager(authenticationManager);
caf.setFilterProcessesUrl("/login");
caf.setProxyGrantingTicketStorage(pgtStorage());
caf.setProxyReceptorUrl("/pgtUrl");
caf.setServiceProperties(serviceProperties());
caf.setAuthenticationDetailsSource(
new ServiceAuthenticationDetailsSource(
serviceProperties())
);
return caf;
}
Example #9
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
casAuthenticationFilter.setAuthenticationManager(authenticationManager);
casAuthenticationFilter.setFilterProcessesUrl("/login");
return casAuthenticationFilter;
}
Example #10
| Source File: CasConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@Bean
public CasAuthenticationFilter casFilter() {
CasAuthenticationFilter caf = new CasAuthenticationFilter();
caf.setAuthenticationManager(authenticationManager);
caf.setFilterProcessesUrl("/login");
caf.setProxyGrantingTicketStorage(pgtStorage());
caf.setProxyReceptorUrl("/pgtUrl");
return caf;
}
Example #11
| Source File: SecurityConfiguration.java From cymbal with Apache License 2.0 | 5 votes |
|
@Bean
public FilterRegistrationBean casAuthenticationFilterRegistrationBean(
final CasAuthenticationFilter casAuthenticationFilter) {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(casAuthenticationFilter);
filterRegistrationBean.addUrlPatterns("/*");
filterRegistrationBean.setOrder(3);
return filterRegistrationBean;
}
Example #12
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
http.addFilterBefore(singleSignOutFilter, LogoutFilter.class);
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(casServerLogout)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #13
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
http.addFilterBefore(singleSignOutFilter, LogoutFilter.class);
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(casServerLogout)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #14
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
http.addFilterBefore(singleSignOutFilter, LogoutFilter.class);
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(casServerLogout)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #15
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
// Login
/*http.formLogin()
.loginPage("/login/form")
.loginProcessingUrl("/login")
.failureUrl("/login/form?error")
.usernameParameter("username")
.passwordParameter("password")
.defaultSuccessUrl("/default", true)
.permitAll();*/
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/login/form?logout")
.deleteCookies("JSESSIONID").invalidateHttpSession(true)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #16
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
http.addFilterBefore(singleSignOutFilter, LogoutFilter.class);
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(casServerLogout)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #17
| Source File: SecurityConfig.java From Spring-Security-Third-Edition with MIT License | 4 votes |
|
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.addFilterAt(casFilter, CasAuthenticationFilter.class);
http.addFilterBefore(singleSignOutFilter, LogoutFilter.class);
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(casServerLogout)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.authenticationEntryPoint(casAuthenticationEntryPoint)
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
Example #18
| Source File: SpringWebConfig.java From we-cmdb with Apache License 2.0 | 4 votes |
|
public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setAuthenticationManager(authenticationManager());
return filter;
}
