org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter Java Examples

The following examples show how to use org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.
Example #1
Source File: CustomRolesPrefixPostProcessor.java    From we-cmdb with Apache License 2.0
/**
 * Applies the application's role prefix to the Spring Security beans that evaluate role names.
 *
 * <p>Each supported bean type receives {@code ROLE_PREFIX} (declared elsewhere in the class) in
 * place of Spring Security's built-in {@code "ROLE_"} default; any other bean passes through
 * untouched.
 *
 * <p>Security note: role checks only behave consistently when every role-evaluating component
 * uses the same prefix. A component that is not reconfigured here keeps the default and would
 * compare against differently named authorities. NOTE(review): confirm the four types below are
 * the only role-evaluating beans in this application context.
 *
 * @param bean the initialised bean instance handed over by the container
 * @param beanName the bean's name in the context (not used)
 * @return the same {@code bean} instance, possibly reconfigured
 * @throws BeansException declared by the overridden method; nothing visible here throws it
 */
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
    // The four target types are unrelated classes, so at most one branch applies to a bean.
    if (bean instanceof Jsr250MethodSecurityMetadataSource) {
        // Prefix used when resolving JSR-250 annotations such as @RolesAllowed.
        Jsr250MethodSecurityMetadataSource jsr250Source = (Jsr250MethodSecurityMetadataSource) bean;
        jsr250Source.setDefaultRolePrefix(ROLE_PREFIX);
    } else if (bean instanceof DefaultMethodSecurityExpressionHandler) {
        // Prefix used by hasRole()/hasAnyRole() in method-security expressions.
        DefaultMethodSecurityExpressionHandler methodHandler = (DefaultMethodSecurityExpressionHandler) bean;
        methodHandler.setDefaultRolePrefix(ROLE_PREFIX);
    } else if (bean instanceof DefaultWebSecurityExpressionHandler) {
        // Prefix used by hasRole()/hasAnyRole() in web (URL) security expressions.
        DefaultWebSecurityExpressionHandler webHandler = (DefaultWebSecurityExpressionHandler) bean;
        webHandler.setDefaultRolePrefix(ROLE_PREFIX);
    } else if (bean instanceof SecurityContextHolderAwareRequestFilter) {
        // Prefix used by HttpServletRequest.isUserInRole() on the wrapped request.
        SecurityContextHolderAwareRequestFilter servletApiFilter = (SecurityContextHolderAwareRequestFilter) bean;
        servletApiFilter.setRolePrefix(ROLE_PREFIX);
    }
    return bean;
}
 
Example #2
Source File: CustomRolesPrefixPostProcessor.java    From wecube-platform with Apache License 2.0
/**
 * Pushes {@code ROLE_PREFIX} into whichever role-aware Spring Security bean is passed in.
 *
 * <p>Handles the JSR-250 metadata source, the method and web expression handlers, and the
 * servlet-API request filter. Beans of any other type are returned unchanged.
 *
 * <p>Security note: the prefix has to match on every component that resolves role names,
 * otherwise the same role check can pass in one layer and fail in another. NOTE(review):
 * {@code ROLE_PREFIX} is defined outside this method; confirm it matches the authority names
 * that the authentication side actually issues.
 *
 * @param bean the initialised bean instance
 * @param beanName the bean's name (not used)
 * @return {@code bean}, the same instance that was passed in
 * @throws BeansException declared by the overridden method; not thrown by the visible code
 */
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
    // The handled types do not extend one another, so returning after the first match is
    // equivalent to testing all four in sequence.
    if (bean instanceof Jsr250MethodSecurityMetadataSource) {
        ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(ROLE_PREFIX);
        return bean;
    }

    if (bean instanceof DefaultMethodSecurityExpressionHandler) {
        ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
        return bean;
    }

    if (bean instanceof DefaultWebSecurityExpressionHandler) {
        ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
        return bean;
    }

    if (bean instanceof SecurityContextHolderAwareRequestFilter) {
        // This filter backs HttpServletRequest.isUserInRole(); note its setter has a different name.
        ((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix(ROLE_PREFIX);
    }
    return bean;
}
 
Example #3
Source File: DefaultRolesPrefixPostProcessor.java    From jump-the-queue with Apache License 2.0
/**
 * Replaces the default role prefix on Spring Security's role-aware beans with
 * {@code this.rolePrefix}.
 *
 * <p>Security note: all components that interpret role names need the same prefix. A bean type
 * missing from this method keeps Spring Security's {@code "ROLE_"} default, so its role checks
 * would look for differently named authorities. NOTE(review): the value of {@code rolePrefix} is
 * set outside this method; confirm it matches the authorities granted at authentication time.
 *
 * @param bean the initialised bean instance
 * @param beanName the bean's name (not used)
 * @return the same {@code bean} instance
 * @throws BeansException declared by the overridden method; not thrown by the visible code
 */
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {

  // Only needed when JSR-250 annotations are in use; this branch can be dropped otherwise.
  if (bean instanceof Jsr250MethodSecurityMetadataSource) {
    Jsr250MethodSecurityMetadataSource jsr250Source = (Jsr250MethodSecurityMetadataSource) bean;
    jsr250Source.setDefaultRolePrefix(this.rolePrefix);
  }

  // hasRole()/hasAnyRole() in method-security expressions.
  if (bean instanceof DefaultMethodSecurityExpressionHandler) {
    DefaultMethodSecurityExpressionHandler methodHandler = (DefaultMethodSecurityExpressionHandler) bean;
    methodHandler.setDefaultRolePrefix(this.rolePrefix);
  }

  // hasRole()/hasAnyRole() in web security expressions.
  if (bean instanceof DefaultWebSecurityExpressionHandler) {
    DefaultWebSecurityExpressionHandler webHandler = (DefaultWebSecurityExpressionHandler) bean;
    webHandler.setDefaultRolePrefix(this.rolePrefix);
  }

  // HttpServletRequest.isUserInRole() on the wrapped request.
  if (bean instanceof SecurityContextHolderAwareRequestFilter) {
    SecurityContextHolderAwareRequestFilter servletApiFilter = (SecurityContextHolderAwareRequestFilter) bean;
    servletApiFilter.setRolePrefix(this.rolePrefix);
  }

  return bean;
}
 
Example #4
Source File: DefaultRolesPrefixPostProcessor.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License
/**
 * Removes the role prefix from Spring Security's role-aware beans, so role checks compare
 * against authority names exactly as granted.
 *
 * <p>The three {@code setDefaultRolePrefix} setters receive {@code null}, while
 * {@code setRolePrefix} on the request filter receives an empty string. Presumably this is
 * because that setter rejects {@code null}; confirm against the Spring Security version in use.
 *
 * <p>Security note: without a prefix, {@code hasRole("X")} and {@code hasAuthority("X")} look up
 * the same name, so roles and any other authorities share one namespace. NOTE(review): confirm
 * that no authority name can collide with a role name in this application.
 *
 * @param bean the initialised bean instance
 * @param beanName the bean's name (not used)
 * @return the same {@code bean} instance
 * @throws BeansException declared by the overridden method; not thrown by the visible code
 */
@Override
public Object postProcessAfterInitialization( Object bean, String beanName )
    throws BeansException
{
    // The handled types are unrelated classes, so at most one branch applies to a given bean.
    if ( bean instanceof Jsr250MethodSecurityMetadataSource )
    {
        ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix( null );
    }
    else if ( bean instanceof DefaultMethodSecurityExpressionHandler )
    {
        ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
    }
    else if ( bean instanceof DefaultWebSecurityExpressionHandler )
    {
        ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
    }
    else if ( bean instanceof SecurityContextHolderAwareRequestFilter )
    {
        // Empty string, not null: see the method comment.
        ((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix( "" );
    }

    return bean;
}
 
Example #5
Source File: KeycloakWebSecurityConfigurerAdapter.java    From keycloak with Apache License 2.0
/**
 * Wires the Keycloak filters, CSRF matcher, session strategy, entry point and logout handling
 * into the given {@link HttpSecurity}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>CSRF protection stays enabled; {@code keycloakCsrfRequestMatcher()} decides which
 *       requests must carry a token.</li>
 *   <li>This method registers no {@code authorizeRequests()} rules, so access rules have to be
 *       added elsewhere. NOTE(review): confirm the concrete configuration adds them.</li>
 *   <li>The filter registrations are order-sensitive: the last {@code addFilterAfter} anchors on
 *       {@code KeycloakSecurityContextRequestFilter}, which is presumably the type registered by
 *       the call just before it.</li>
 * </ul>
 *
 * @param http the security builder to configure
 * @throws Exception if any of the configurers fails
 */
@Override
protected void configure(HttpSecurity http) throws Exception {

    // Each statement continues on the same builder that the original chain reached via and().
    http.csrf().requireCsrfProtectionMatcher(keycloakCsrfRequestMatcher());

    http.sessionManagement().sessionAuthenticationStrategy(sessionAuthenticationStrategy());

    // Keycloak's pre-auth and authentication filters run ahead of the logout filter.
    http.addFilterBefore(keycloakPreAuthActionsFilter(), LogoutFilter.class);
    http.addFilterBefore(keycloakAuthenticationProcessingFilter(), LogoutFilter.class);

    // The Keycloak security-context filter follows the servlet-API wrapper filter.
    http.addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class);
    http.addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class);

    http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint());

    // The logout endpoint is open to everyone and redirects to the application root afterwards.
    http.logout()
            .addLogoutHandler(keycloakLogoutHandler())
            .logoutUrl("/sso/logout").permitAll()
            .logoutSuccessUrl("/");
}
 
Example #6
Source File: LogoutResourceIT.java    From java-microservices-examples with Apache License 2.0
/**
 * Prepares each test: installs an authenticated OIDC user and builds the MockMvc instance.
 *
 * <p>The ID token carries a {@code groups} claim of {@code "ROLE_USER"}, an integer {@code sub}
 * claim, and expires 60 seconds after creation.
 *
 * <p>NOTE(review): the authentication is written to the static {@link SecurityContextHolder} and
 * no cleanup is visible in this method. Confirm the test class clears the context after each
 * test so the identity does not carry over to other tests on the same thread.
 *
 * <p>NOTE(review): the {@link SecurityContextHolderAwareRequestFilter} created here is
 * initialised but never passed to the MockMvc builder in the visible code, so it takes no part
 * in request processing. Confirm whether it was meant to be registered.
 *
 * @throws Exception if filter initialisation or MockMvc construction fails
 */
@BeforeEach
public void before() throws Exception {
    Map<String, Object> tokenClaims = new HashMap<>();
    tokenClaims.put("groups", "ROLE_USER");
    tokenClaims.put("sub", 123);

    // Two separate clock reads, taken in the same order as the constructor arguments.
    Instant issuedAt = Instant.now();
    Instant expiresAt = Instant.now().plusSeconds(60);
    OidcIdToken testIdToken = new OidcIdToken(ID_TOKEN, issuedAt, expiresAt, tokenClaims);

    SecurityContextHolder.getContext().setAuthentication(authenticationToken(testIdToken));

    SecurityContextHolderAwareRequestFilter servletApiFilter = new SecurityContextHolderAwareRequestFilter();
    servletApiFilter.afterPropertiesSet();

    this.restLogoutMockMvc = MockMvcBuilders.webAppContextSetup(this.context).build();
}
 
Example #7
Source File: RestConfig.java    From mirrorgate with Apache License 2.0
/**
 * Configures the REST security chain: a custom header-based filter, CORS, no CSRF protection,
 * and per-method, per-path authority rules.
 *
 * <p>Review notes for anyone reusing this pattern:
 * <ul>
 *   <li>There is no {@code anyRequest()} catch-all. A request that matches none of the matchers
 *       below (for example {@code GET /api/**} or {@code GET /reviews/**}) is not restricted by
 *       these rules. NOTE(review): confirm that is intended, or end the chain with an explicit
 *       default such as {@code anyRequest().authenticated()}.</li>
 *   <li>Rule order matters: the first matcher that matches a request decides the outcome.</li>
 *   <li>CSRF protection is disabled. That is reasonable only when the credential is not one the
 *       browser attaches automatically. NOTE(review): {@code HeaderSecurityFilter} presumably
 *       derives the authentication from request headers; confirm those headers cannot be set by
 *       an untrusted client.</li>
 * </ul>
 *
 * @param http the security builder to configure
 * @throws Exception if any of the configurers fails
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        // Runs before the servlet-API wrapper filter is applied to the request.
        .addFilterBefore(new HeaderSecurityFilter(), SecurityContextHolderAwareRequestFilter.class)
        .cors()
        .and()
        // See the method comment for when disabling CSRF is acceptable.
        .csrf()
        .disable()
        .authorizeRequests()
        // Unauthenticated endpoints.
        .antMatchers("/health").permitAll()
        .antMatchers("/websocket").permitAll()
        // Every OPTIONS request is allowed on any path (Spring Security treats a bare "**" as
        // match-all), which lets CORS preflight through.
        .antMatchers(HttpMethod.OPTIONS, "**").permitAll()
        // Writes under /api/** require the COLLECTOR authority.
        .antMatchers(HttpMethod.POST, "/api/**")
        .hasAuthority(SecurityAuthoritiesEnum.COLLECTOR.toString())
        .antMatchers(HttpMethod.DELETE, "/api/**")
        .hasAuthority(SecurityAuthoritiesEnum.COLLECTOR.toString())
        .antMatchers(HttpMethod.POST, "/reviews/**")
        .hasAuthority(SecurityAuthoritiesEnum.REGULAR.toString())
        // Read access to dashboards and the emitter: REGULAR or SCREEN.
        .antMatchers(HttpMethod.GET, "/dashboards/**")
        .hasAnyAuthority(SecurityAuthoritiesEnum.REGULAR.toString(), SecurityAuthoritiesEnum.SCREEN.toString())
        .antMatchers(HttpMethod.GET, "/emitter/**")
        .hasAnyAuthority(SecurityAuthoritiesEnum.REGULAR.toString(), SecurityAuthoritiesEnum.SCREEN.toString())
        // Dashboard modifications: REGULAR only.
        .antMatchers(HttpMethod.POST, "/dashboards/**")
        .hasAuthority(SecurityAuthoritiesEnum.REGULAR.toString())
        .antMatchers(HttpMethod.DELETE, "/dashboards/**")
        .hasAuthority(SecurityAuthoritiesEnum.REGULAR.toString())
        .antMatchers(HttpMethod.PUT, "/dashboards/**")
        .hasAuthority(SecurityAuthoritiesEnum.REGULAR.toString());
}
 
Example #8
Source File: LogoutResourceIT.java    From jhipster-registry with Apache License 2.0
/**
 * Per-test setup: places an OIDC-authenticated user in the security context and creates the
 * MockMvc instance from the web application context.
 *
 * <p>The ID token is built with a {@code groups} claim of {@code "ROLE_USER"} and an integer
 * {@code sub} claim, and is valid for 60 seconds.
 *
 * <p>NOTE(review): {@link SecurityContextHolder} is global state and nothing in this method
 * resets it. Confirm the class clears the context after each test to keep tests isolated.
 *
 * <p>NOTE(review): the {@link SecurityContextHolderAwareRequestFilter} instance is initialised
 * but not added to the MockMvc builder in the visible code. Confirm whether it was meant to be
 * registered as a filter.
 *
 * @throws Exception if filter initialisation or MockMvc construction fails
 */
@BeforeEach
public void before() throws Exception {
    final Map<String, Object> idTokenClaims = new HashMap<>();
    idTokenClaims.put("groups", "ROLE_USER");
    idTokenClaims.put("sub", 123);

    final OidcIdToken oidcToken = new OidcIdToken(
        ID_TOKEN,
        Instant.now(),
        Instant.now().plusSeconds(60),
        idTokenClaims);
    SecurityContextHolder.getContext().setAuthentication(authenticationToken(oidcToken));

    final SecurityContextHolderAwareRequestFilter requestWrapperFilter =
        new SecurityContextHolderAwareRequestFilter();
    requestWrapperFilter.afterPropertiesSet();

    this.restLogoutMockMvc = MockMvcBuilders.webAppContextSetup(this.context).build();
}
 
Example #9
Source File: AtlasSecurityConfig.java    From atlas with Apache License 2.0
/**
 * Builds the Atlas HTTP security chain: authentication for every request, static response
 * headers, session policy, basic and form login, logout, and the project's own filters.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Spring Security's built-in CSRF protection is disabled and a project filter
 *       ({@code csrfPreventionFilter}) is registered instead. NOTE(review): that filter's logic
 *       is not visible here; confirm it covers every state-changing request.</li>
 *   <li>Filter positions are relative to other filters, so the order of the
 *       {@code addFilterBefore}/{@code addFilterAfter} calls is significant.</li>
 * </ul>
 *
 * @param httpSecurity the security builder to configure
 * @throws Exception if any of the configurers fails
 */
protected void configure(HttpSecurity httpSecurity) throws Exception {
    //@formatter:off
    httpSecurity
            // Every request must be authenticated; no path is exempted in this chain.
            .authorizeRequests().anyRequest().authenticated()
            .and()
                .headers()
            // Static response headers; the values come from HeadersUtil.headerMap (not visible here).
            .addHeaderWriter(new StaticHeadersWriter(HeadersUtil.CONTENT_SEC_POLICY_KEY, HeadersUtil.headerMap.get(HeadersUtil.CONTENT_SEC_POLICY_KEY)))
            .addHeaderWriter(new StaticHeadersWriter(SERVER_KEY, HeadersUtil.headerMap.get(SERVER_KEY)))
                    .and()
                // Servlet API integration; this is the configurer that installs
                // SecurityContextHolderAwareRequestFilter, used as an anchor further down.
                .servletApi()
            .and()
                // Built-in CSRF protection is off; see the method comment.
                .csrf().disable()
                .sessionManagement()
                // Keeps the session id out of URLs.
                .enableSessionUrlRewriting(false)
                .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
                // Session-fixation defence: a fresh session is created on authentication.
                .sessionFixation()
                .newSession()
            .and()
            .httpBasic()
            .authenticationEntryPoint(getDelegatingAuthenticationEntryPoint())
            .and()
                .formLogin()
                    .loginPage("/login.jsp")
                    .loginProcessingUrl("/j_spring_security_check")
                    .successHandler(successHandler)
                    .failureHandler(failureHandler)
                    .usernameParameter("j_username")
                    .passwordParameter("j_password")
            .and()
                .logout()
                    .logoutSuccessUrl("/login.jsp")
                    // Removes the session cookie from the browser on logout.
                    .deleteCookies("ATLASSESSIONID")
                    .logoutUrl("/logout.html");

    //@formatter:on

    // ActiveServerFilter is added when either HA mode or migration mode is configured.
    boolean configMigrationEnabled = !StringUtils.isEmpty(configuration.getString(ATLAS_MIGRATION_MODE_FILENAME));
    if (configuration.getBoolean("atlas.server.ha.enabled", false) ||
            configMigrationEnabled) {
        if(configMigrationEnabled) {
            LOG.info("Atlas is in Migration Mode, enabling ActiveServerFilter");
        } else {
            LOG.info("Atlas is in HA Mode, enabling ActiveServerFilter");
        }
        httpSecurity.addFilterAfter(activeServerFilter, BasicAuthenticationFilter.class);
    }
    // Project filters. The CSRF filter anchors on AtlasAuthenticationFilter, presumably the
    // type of atlasAuthenticationFilter registered on the line before it.
    httpSecurity
            .addFilterAfter(staleTransactionCleanupFilter, BasicAuthenticationFilter.class)
            .addFilterBefore(ssoAuthenticationFilter, BasicAuthenticationFilter.class)
            .addFilterAfter(atlasAuthenticationFilter, SecurityContextHolderAwareRequestFilter.class)
            .addFilterAfter(csrfPreventionFilter, AtlasAuthenticationFilter.class);

    // Optional Keycloak integration, switched by the keycloakEnabled flag set outside this method.
    if (keycloakEnabled) {
        httpSecurity
          .logout().addLogoutHandler(keycloakLogoutHandler()).and()
          .addFilterBefore(keycloakAuthenticationProcessingFilter(), BasicAuthenticationFilter.class)
          .addFilterBefore(keycloakPreAuthActionsFilter(), LogoutFilter.class)
          .addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class)
          .addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class);
    }
}
 
Example #10
Source File: AtlasSecurityConfig.java    From incubator-atlas with Apache License 2.0
/**
 * Builds the Atlas HTTP security chain: authentication for every request, session policy, form
 * and basic login, logout, and the project's own filters.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code headers().disable()} switches off the response security headers that Spring
 *       Security writes by default. NOTE(review): confirm equivalent headers are set by another
 *       component, since none are added in this method.</li>
 *   <li>Spring Security's built-in CSRF protection is disabled and a project filter
 *       ({@code csrfPreventionFilter}) is registered instead. NOTE(review): that filter's logic
 *       is not visible here; confirm it covers every state-changing request.</li>
 *   <li>Filter positions are relative to other filters, so the order of the
 *       {@code addFilterAfter} calls is significant.</li>
 * </ul>
 *
 * @param httpSecurity the security builder to configure
 * @throws Exception if any of the configurers fails
 */
protected void configure(HttpSecurity httpSecurity) throws Exception {

        //@formatter:off
        httpSecurity
                // Every request must be authenticated; no path is exempted in this chain.
                .authorizeRequests().anyRequest().authenticated()
                .and()
                    // Default security response headers are turned off; see the method comment.
                    .headers().disable()
                    // Servlet API integration; this is the configurer that installs
                    // SecurityContextHolderAwareRequestFilter, used as an anchor further down.
                    .servletApi()
                .and()
                    // Built-in CSRF protection is off; see the method comment.
                    .csrf().disable()
                    .sessionManagement()
                    // Keeps the session id out of URLs.
                    .enableSessionUrlRewriting(false)
                    .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
                    // Session-fixation defence: a fresh session is created on authentication.
                    .sessionFixation()
                    .newSession()
                .and()
                    .formLogin()
                        .loginPage("/login.jsp")
                        .loginProcessingUrl("/j_spring_security_check")
                        .successHandler(successHandler)
                        .failureHandler(failureHandler)
                        .usernameParameter("j_username")
                        .passwordParameter("j_password")
                .and()
                    .logout()
                        .logoutSuccessUrl("/login.jsp")
                        // Removes the session cookie from the browser on logout.
                        .deleteCookies("ATLASSESSIONID")
                        .logoutUrl("/logout.html")
                .and()
                    .httpBasic()
                    .authenticationEntryPoint(getDelegatingAuthenticationEntryPoint());
        //@formatter:on

        // ActiveServerFilter is added only when HA mode is configured.
        if (configuration.getBoolean("atlas.server.ha.enabled", false)) {
            LOG.info("Atlas is in HA Mode, enabling ActiveServerFilter");
            httpSecurity.addFilterAfter(activeServerFilter, BasicAuthenticationFilter.class);
        }
        // Project filters. The CSRF filter anchors on AtlasAuthenticationFilter, presumably the
        // type of atlasAuthenticationFilter registered on the line before it. The authorization
        // filter is placed after Spring Security's FilterSecurityInterceptor.
        httpSecurity
                .addFilterAfter(staleTransactionCleanupFilter, BasicAuthenticationFilter.class)
                .addFilterAfter(ssoAuthenticationFilter, BasicAuthenticationFilter.class)
                .addFilterAfter(atlasAuthenticationFilter, SecurityContextHolderAwareRequestFilter.class)
                .addFilterAfter(csrfPreventionFilter, AtlasAuthenticationFilter.class)
                .addFilterAfter(atlasAuthorizationFilter, FilterSecurityInterceptor.class);
    }