Java Code Examples for org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint

The following examples show how to use org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Override
protected void configure(HttpSecurity http) throws Exception {

	//enforce browser login popup with basic authentication
	BasicAuthenticationEntryPoint authEntryPoint = new BasicAuthenticationEntryPoint();
	authEntryPoint.setRealmName("spring-security-basic-auth");

	// @formatter:off
	http.authorizeRequests()
			.antMatchers("/hello-token").hasAuthority("Display")
			.anyRequest().authenticated()
		.and()
			.sessionManagement()
			.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
		.and().exceptionHandling().authenticationEntryPoint(authEntryPoint).and()
			.oauth2ResourceServer()
			.bearerTokenResolver(getTokenBrokerResolver())
			.jwt()
			.jwtAuthenticationConverter(jwtAuthenticationConverter());

	// @formatter:on
}
 
Example 2
Source Project: freeacs   Source File: BasicSpringSecurityConfig.java    License: MIT License 4 votes vote down vote up
private BasicAuthenticationEntryPoint basicEntryPoint() {
    BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName("FreeACS");
    return basicAuthenticationEntryPoint;
}
 
Example 3
Source Project: ods-provisioning-app   Source File: BasicAuthConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
public BasicAuthenticationEntryPoint basicAuthEntryPoint() {
  BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
  entryPoint.setRealmName(idManagerRealm);
  return entryPoint;
}
 
Example 4
@Bean
public BasicAuthenticationEntryPoint basicAuthenticationEntryPoint() {
  BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
  entryPoint.setRealmName(TEST_REALM);
  return entryPoint;
}
 
Example 5
Source Project: java-trader   Source File: TraderUISecurityConfiguration.java    License: Apache License 2.0 4 votes vote down vote up
public BasicAuthenticationEntryPoint getBasicAuthenticationEntryPoint() {
    TraderUIAuthenticationEntryPoint entryPoint = new TraderUIAuthenticationEntryPoint();
    entryPoint.setRealmName(REALM);
    return entryPoint;
}
 
Example 6
Source Project: java-trader   Source File: TraderUISecurityConfiguration.java    License: Apache License 2.0 4 votes vote down vote up
@SuppressWarnings("deprecation")
@Bean
public NoOpPasswordEncoder passwordEncoder() {
    BasicAuthenticationEntryPoint a;
    return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
}
 
Example 7
@Bean
public BasicAuthenticationFilter basicAuthFilter(AuthenticationManager authenticationManager,
		BasicAuthenticationEntryPoint basicAuthEntryPoint) {
	return new BasicAuthenticationFilter(authenticationManager, basicAuthEntryPoint());
}
 
Example 8
@Bean
public BasicAuthenticationEntryPoint basicAuthEntryPoint() {
	BasicAuthenticationEntryPoint bauth = new BasicAuthenticationEntryPoint();
	bauth.setRealmName("Promregator");
	return bauth;
}
 
Example 9
@Override
protected void configure(HttpSecurity http) throws Exception {

	final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
	basicAuthenticationEntryPoint.setRealmName(SecurityConfigUtils.BASIC_AUTH_REALM_NAME);
	basicAuthenticationEntryPoint.afterPropertiesSet();

	if (opaqueTokenIntrospector != null) {
		BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(
				providerManager(), basicAuthenticationEntryPoint);
		http.addFilter(basicAuthenticationFilter);
	}

	this.authorizationProperties.getAuthenticatedPaths().add(dashboard("/**"));
	this.authorizationProperties.getAuthenticatedPaths().add(dashboard(""));

	ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security =
			http.authorizeRequests()
					.antMatchers(this.authorizationProperties.getPermitAllPaths().toArray(new String[0]))
					.permitAll()
	.antMatchers(this.authorizationProperties.getAuthenticatedPaths().toArray(new String[0]))
	.authenticated();

	security = SecurityConfigUtils.configureSimpleSecurity(security, this.authorizationProperties);
	security.anyRequest().denyAll();

	http.httpBasic().and()
			.logout()
			.logoutSuccessUrl(dashboard("/logout-success-oauth.html"))
			.and().csrf().disable()
			.exceptionHandling()
			.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/api/**"))
			.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/actuator/**"));

	if (opaqueTokenIntrospector != null) {
		http.oauth2ResourceServer()
			.opaqueToken()
				.introspector(opaqueTokenIntrospector());
	} else if (oAuth2ResourceServerProperties.getJwt().getJwkSetUri() != null) {
		http.oauth2ResourceServer()
			.jwt()
				.jwtAuthenticationConverter(grantedAuthoritiesExtractor());
	}

	this.securityStateBean.setAuthenticationEnabled(true);
}
 
Example 10
@Override
protected void configure(HttpSecurity http) throws Exception {
	final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
			contentNegotiationStrategy,
			MediaType.TEXT_HTML);

	final String loginPage = dashboard("/#/login");

	final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
	basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
	basicAuthenticationEntryPoint.afterPropertiesSet();

	http
		.csrf()
		.disable()
		.authorizeRequests()
		.antMatchers("/")
		.authenticated()
		.antMatchers(
				dashboard("/**"),
				"/authenticate",
				"/security/info",
				"/features",
				"/assets/**").permitAll()
	.and()
		.formLogin().loginPage(loginPage)
		.loginProcessingUrl(dashboard("/login"))
		.defaultSuccessUrl(dashboard("/")).permitAll()
	.and()
		.logout().logoutUrl(dashboard("/logout"))
			.logoutSuccessUrl(dashboard("/logout-success.html"))
		.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
	.and().httpBasic()
		.and().exceptionHandling()
		.defaultAuthenticationEntryPointFor(
				new LoginUrlAuthenticationEntryPoint(loginPage),
				textHtmlMatcher)
		.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint,
				AnyRequestMatcher.INSTANCE)
	.and()
		.authorizeRequests()
		.anyRequest().authenticated();

	final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
			sessionRepository());
	sessionRepositoryFilter
			.setHttpSessionStrategy(new HeaderHttpSessionStrategy());

	http.addFilterBefore(sessionRepositoryFilter,
			ChannelProcessingFilter.class).csrf().disable();
	http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
 
Example 11
@Override
protected void configure(final HttpSecurity http) throws Exception {

    HttpSecurity httpSec = http.regexMatcher("\\/rest.*|\\/system/admin.*").csrf().disable();

    if (securityProperties.getCors().isEnabled()) {
        httpSec = httpSec.cors().and();
    }

    if (securityProperties.isRequireSsl()) {
        httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
    }

    httpSec.authorizeRequests().anyRequest().authenticated()
            .antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
            .hasAnyAuthority(SpPermission.SYSTEM_ADMIN);

    if (oidcBearerTokenAuthenticationFilter != null) {

        // Only get the first client registration. Testing against every
        // client could increase the
        // attack vector
        ClientRegistration clientRegistration = null;
        for (final ClientRegistration cr : clientRegistrationRepository) {
            clientRegistration = cr;
            break;
        }

        Assert.notNull(clientRegistration, "There must be a valid client registration");
        httpSec.oauth2ResourceServer().jwt().jwkSetUri(clientRegistration.getProviderDetails().getJwkSetUri());

        oidcBearerTokenAuthenticationFilter.setClientRegistration(clientRegistration);

        httpSec.addFilterAfter(oidcBearerTokenAuthenticationFilter, BearerTokenAuthenticationFilter.class);
    } else {
        final BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint();
        basicAuthEntryPoint.setRealmName(securityProperties.getBasicRealm());

        httpSec.addFilterBefore(new Filter() {
            @Override
            public void init(final FilterConfig filterConfig) throws ServletException {
                userAuthenticationFilter.init(filterConfig);
            }

            @Override
            public void doFilter(final ServletRequest request, final ServletResponse response,
                    final FilterChain chain) throws IOException, ServletException {
                userAuthenticationFilter.doFilter(request, response, chain);
            }

            @Override
            public void destroy() {
                userAuthenticationFilter.destroy();
            }
        }, RequestHeaderAuthenticationFilter.class);
        httpSec.httpBasic().and().exceptionHandling().authenticationEntryPoint(basicAuthEntryPoint);
    }

    httpSec.addFilterAfter(
            new AuthenticationSuccessTenantMetadataCreationFilter(systemManagement, systemSecurityContext),
            SessionManagementFilter.class);

    httpSec.anonymous().disable();
    httpSec.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
 
Example 12
Source Project: incubator-atlas   Source File: AtlasSecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
public BasicAuthenticationEntryPoint getAuthenticationEntryPoint() {
    BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName("atlas.com");
    return basicAuthenticationEntryPoint;
}
 
Example 13
Source Project: tutorials   Source File: MultipleEntryPointsSecurityConfig.java    License: MIT License 4 votes vote down vote up
@Bean
public AuthenticationEntryPoint authenticationEntryPoint(){
    BasicAuthenticationEntryPoint entryPoint = new  BasicAuthenticationEntryPoint();
    entryPoint.setRealmName("admin realm");
    return entryPoint;
}