org.springframework.security.authentication.ReactiveAuthenticationManager Java Examples

The following examples show how to use org.springframework.security.authentication.ReactiveAuthenticationManager. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ResourceServerConfiguration.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
    //认证处理器
    ReactiveAuthenticationManager customAuthenticationManager = new CustomAuthenticationManager(tokenStore);
    JsonAuthenticationEntryPoint entryPoint = new JsonAuthenticationEntryPoint();
    //token转换器
    ServerBearerTokenAuthenticationConverter tokenAuthenticationConverter = new ServerBearerTokenAuthenticationConverter();
    tokenAuthenticationConverter.setAllowUriQueryParameter(true);
    //oauth2认证过滤器
    AuthenticationWebFilter oauth2Filter = new AuthenticationWebFilter(customAuthenticationManager);
    oauth2Filter.setServerAuthenticationConverter(tokenAuthenticationConverter);
    oauth2Filter.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
    oauth2Filter.setAuthenticationSuccessHandler(new Oauth2AuthSuccessHandler());
    http.addFilterAt(oauth2Filter, SecurityWebFiltersOrder.AUTHENTICATION);

    ServerHttpSecurity.AuthorizeExchangeSpec authorizeExchange = http.authorizeExchange();
    if (securityProperties.getAuth().getHttpUrls().length > 0) {
        authorizeExchange.pathMatchers(securityProperties.getAuth().getHttpUrls()).authenticated();
    }
    if (securityProperties.getIgnore().getUrls().length > 0) {
        authorizeExchange.pathMatchers(securityProperties.getIgnore().getUrls()).permitAll();
    }
    authorizeExchange
            .pathMatchers(HttpMethod.OPTIONS).permitAll()
            .anyExchange()
                .access(permissionAuthManager)
            .and()
                .exceptionHandling()
                    .accessDeniedHandler(new JsonAccessDeniedHandler())
                    .authenticationEntryPoint(entryPoint)
            .and()
                .headers()
                    .frameOptions()
                    .disable()
            .and()
                .httpBasic().disable()
                .csrf().disable();
    return http.build();
}
 
Example #2
Source File: JwtAuthenticationWebFilter.java    From webFluxTemplate with MIT License 5 votes vote down vote up
public JwtAuthenticationWebFilter(final ReactiveAuthenticationManager authenticationManager,
                                  final JwtAuthenticationConverter converter,
                                  final UnauthorizedAuthenticationEntryPoint entryPoint) {

    super(authenticationManager);

    Assert.notNull(authenticationManager, "authenticationManager cannot be null");
    Assert.notNull(converter, "converter cannot be null");
    Assert.notNull(entryPoint, "entryPoint cannot be null");

    setAuthenticationConverter(converter);
    setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
    setRequiresAuthenticationMatcher(new JWTHeadersExchangeMatcher());
}
 
Example #3
Source File: SecurityConfig.java    From spring-5-examples with MIT License 5 votes vote down vote up
WebFilter securityFilterChainJustRoleWay(final ReactiveAuthenticationManager reactiveAuthenticationManager) {

    return HttpSecurity.http()
                       .authorizeExchange()
                         .pathMatchers("/**")
                         .hasRole("ADMIN")
                       .and()
                       .httpBasic()
                       .authenticationManager(reactiveAuthenticationManager)
                       .build();
  }
 
Example #4
Source File: Application.java    From spring-security-reactive with Apache License 2.0 5 votes vote down vote up
@Bean
WebFilter springSecurityFilterChain(ReactiveAuthenticationManager manager) throws Exception {
	HttpSecurity http = http();
	// FIXME use BeanPostProcessor to set the manager
	http.authenticationManager(manager);
	http.httpBasic();

	AuthorizeRequestBuilder authorize = http.authorizeRequests();
	authorize.antMatchers("/admin/**").hasRole("ADMIN");
	authorize.anyExchange().authenticated();
	return http.build();
}
 
Example #5
Source File: WebSecurityConfiguration.java    From spring-auto-restdocs with Apache License 2.0 5 votes vote down vote up
@Bean
protected ReactiveAuthenticationManager reactiveAuthenticationManager() {
    return authentication -> {
        try {
            UserDetails userDetails = userDetailsService
                    .loadUserByUsername((String) authentication.getPrincipal());
            if (userDetails.getPassword().equals(authentication.getCredentials())) {
                authentication.setAuthenticated(true);
            }
            return Mono.just(authentication);
        } catch (UsernameNotFoundException e) {
            return Mono.error(e);
        }
    };
}
 
Example #6
Source File: CustomWebSecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
public ReactiveAuthenticationManager customersAuthenticationManager() {
    return authentication -> customer(authentication)
      .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
        .getPrincipal()
        .toString())))
      .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
          authentication.getCredentials(),
          Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
        )
      );
}
 
Example #7
Source File: CustomWebSecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
public ReactiveAuthenticationManager employeesAuthenticationManager() {
    return authentication -> employee(authentication)
      .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
        .getPrincipal()
        .toString())))
      .map(
        b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
          authentication.getCredentials(),
          Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
        )
      );
}
 
Example #8
Source File: GossipApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Bean
public ReactiveAuthenticationManager authenticationManager(ReactiveUserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
	UserDetailsRepositoryReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService);
	manager.setPasswordEncoder(passwordEncoder);
	return manager;
}
 
Example #9
Source File: GossipApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Bean
public ReactiveAuthenticationManager authenticationManager(ReactiveUserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
	UserDetailsRepositoryReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService);
	manager.setPasswordEncoder(passwordEncoder);
	return manager;
}
 
Example #10
Source File: SecurityConfig.java    From spring-5-examples with MIT License 4 votes vote down vote up
/**
 * Authentication
 */

@Bean
ReactiveAuthenticationManager reactiveAuthenticationManager(final UserDetailsRepository userDetailsRepository) {
  return new UserDetailsRepositoryAuthenticationManager(userDetailsRepository);
}
 
Example #11
Source File: AuthenticationWebFilter.java    From spring-security-reactive with Apache License 2.0 4 votes vote down vote up
public void setAuthenticationManager(ReactiveAuthenticationManager authenticationManager) {
	this.authenticationManager = authenticationManager;
}
 
Example #12
Source File: HttpSecurity.java    From spring-security-reactive with Apache License 2.0 4 votes vote down vote up
public HttpSecurity authenticationManager(ReactiveAuthenticationManager manager) {
	this.authenticationManager = manager;
	return this;
}
 
Example #13
Source File: Application.java    From spring-security-reactive with Apache License 2.0 4 votes vote down vote up
@Bean
public ReactiveAuthenticationManager authenticationManager(UserRepositoryUserDetailsRepository udr) {
	return new UserDetailsAuthenticationManager(udr);
}