org.springframework.security.authentication.AuthenticationDetailsSource Java Examples

The following examples show how to use org.springframework.security.authentication.AuthenticationDetailsSource. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SecurityConfiguration.java    From syndesis with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
    RequestHeaderAuthenticationFilter f = new RequestHeaderAuthenticationFilter();
    f.setPrincipalRequestHeader("X-Forwarded-User");
    f.setCredentialsRequestHeader("X-Forwarded-Access-Token");
    f.setAuthenticationManager(authenticationManager());
    f.setAuthenticationDetailsSource(
        (AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>)
            (request) ->new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(
                request,
                AuthorityUtils.createAuthorityList("ROLE_AUTHENTICATED")
            )
    );
    f.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
    f.setExceptionIfHeaderMissing(false);
    return f;
}
 
Example #2
Source File: ApimlX509AuthenticationFilterTest.java    From api-layer with Eclipse Public License 2.0 5 votes vote down vote up
@Test
void giveCertificates_thenRemoveForeign_whenCallFilter() throws IOException, ServletException {
    ApimlX509AuthenticationFilter filter = new ApimlX509AuthenticationFilter(new HashSet<>(Arrays.asList(
        correctBase64("apimlCert1"),
        correctBase64("apimlCert2")
    )));
    filter.setAuthenticationDetailsSource(mock(AuthenticationDetailsSource.class));
    filter.setAuthenticationManager(mock(AuthenticationManager.class));

    X509Certificate[] certificates = new X509Certificate[] {
        getCertificate(correctBase64("foreignCert1")),
        getCertificate(correctBase64("apimlCert1")),
        getCertificate(correctBase64("foreignCert2")),
        getCertificate(correctBase64("apimlCert2"))
    };
    //doReturn(certificates).when(request).getAttribute("javax.servlet.request.X509Certificate");
    request.setAttribute("javax.servlet.request.X509Certificate", certificates);

    filter.doFilter(request, response, chain);

    X509Certificate[] filtered = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
    assertNotNull(filtered);
    assertEquals(2, filtered.length);
    assertSame(certificates[1], filtered[0]);
    assertSame(certificates[3], filtered[1]);

    verify(chain, times(1)).doFilter(request, response);
}
 
Example #3
Source File: BasicAuthenticationFilter.java    From document-management-software with GNU Lesser General Public License v3.0 4 votes vote down vote up
public void setAuthenticationDetailsSource(
		AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
	Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
	this.authenticationDetailsSource = authenticationDetailsSource;
}
 
Example #4
Source File: LoginConfig.java    From zhcet-web with Apache License 2.0 4 votes vote down vote up
public LoginConfig(AuthenticationDetailsSource<HttpServletRequest, WebAuthenticationDetails> authenticationDetailsSource, AuthenticationFailureHandler authenticationFailureHandler) {
    this.authenticationDetailsSource = authenticationDetailsSource;
    this.authenticationFailureHandler = authenticationFailureHandler;
}
 
Example #5
Source File: FirebaseAutheticationFilter.java    From zhcet-web with Apache License 2.0 4 votes vote down vote up
@Override
@Autowired(required = false)
public void setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
    super.setAuthenticationDetailsSource(authenticationDetailsSource);
}
 
Example #6
Source File: AuthBeans.java    From zhcet-web with Apache License 2.0 4 votes vote down vote up
@Bean
AuthenticationDetailsSource<HttpServletRequest, WebAuthenticationDetails> authenticationDetailsSource() {
    return CustomAuthenticationDetails::new;
}
 
Example #7
Source File: SecurityConfiguration.java    From graviteeio-access-management with Apache License 2.0 4 votes vote down vote up
@Bean
public AuthenticationDetailsSource<HttpServletRequest, WebAuthenticationDetails> authenticationDetailsSource() {
    return new WebAuthenticationDetailsSource();
}
 
Example #8
Source File: ConsumerEndpoint.java    From MaxKey with Apache License 2.0 4 votes vote down vote up
@RequestMapping(value = "/consumer/saml/v20/{spId}")
public ModelAndView consumer(HttpServletRequest request,
		HttpServletResponse response, @PathVariable("spId") String spId)
		throws Exception {

	logger.debug("Attempting authentication.");
	// 初始化SP 证书
	initCredential(spId);

	SAMLMessageContext messageContext=null;

	/*try {
		messageContext = bindingAdapter.extractSAMLMessageContext(request);
	} catch (MessageDecodingException me) {
		logger.error("Could not decode SAML Response", me);
		throw new Exception(me);
	} catch (SecurityException se) {
		logger.error("Could not decode SAML Response", se);
		throw new Exception(se);
	}*/

	logger.debug("Message received from issuer: "
			+ messageContext.getInboundMessageIssuer());

	if (!(messageContext.getInboundSAMLMessage() instanceof Response)) {
		logger.error("SAML Message was not a Response");
		throw new Exception();
	}
	List<Assertion> assertionList = ((Response) messageContext
			.getInboundSAMLMessage()).getAssertions();



	String credentials = extractBindingAdapter.extractSAMLMessage(request);

	// 未认证token
	Response samlResponse=(Response) messageContext.getInboundSAMLMessage();
	
	AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();


	try {
		validatorSuite.validate(samlResponse);
	} catch (ValidationException ve) {
		logger.warn("Response Message failed Validation", ve);
		throw new ServiceProviderAuthenticationException("Invalid SAML REsponse Message", ve);
	}

	
	checkResponseStatus(samlResponse);

	Assertion assertion = samlResponse.getAssertions().get(0);
	
	logger.debug("authenticationResponseIssuingEntityName {}" ,samlResponse.getIssuer().getValue()); 
	
	String username=assertion.getSubject().getNameID().getValue();
	
	logger.debug("assertion.getID() " ,assertion.getID());
	logger.debug("assertion.getSubject().getNameID().getValue() ", username);
	

	logger.debug("assertion.getID() ", assertion.getAuthnStatements());
	
	WebContext.setAuthentication(username, ConstantsLoginType.SAMLTRUST,"","","success");

	ModelAndView mav = new ModelAndView();
	mav.addObject("username", username);

	mav.setViewName("redirect:/consumer/saml/v20/forward/webseal/eai");
	return mav;
}
 
Example #9
Source File: TokenAuthFilterConfigurer.java    From haven-platform with Apache License 2.0 4 votes vote down vote up
public AuthenticationDetailsSource<HttpServletRequest, ?> getAuthenticationDetailsSource() {
    return authenticationDetailsSource;
}
 
Example #10
Source File: TokenAuthFilterConfigurer.java    From haven-platform with Apache License 2.0 4 votes vote down vote up
public void setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
    this.authenticationDetailsSource = authenticationDetailsSource;
}
 
Example #11
Source File: CustomOAuth2RequestFilter.java    From cloudstreetmarket.com with GNU General Public License v3.0 4 votes vote down vote up
public void setAuthenticationDetailsSource(
		AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
	Assert.notNull(authenticationDetailsSource,
			"AuthenticationDetailsSource required");
	this.authenticationDetailsSource = authenticationDetailsSource;
}
 
Example #12
Source File: BasicSecurityConfigurerAdapter.java    From gravitee-management-rest-api with Apache License 2.0 4 votes vote down vote up
private AuthenticationDetailsSource<HttpServletRequest, GraviteeAuthenticationDetails> authenticationDetailsSource() {
    return GraviteeAuthenticationDetails::new;
}
 
Example #13
Source File: BasicSecurityConfigurerAdapter.java    From gravitee-management-rest-api with Apache License 2.0 4 votes vote down vote up
private AuthenticationDetailsSource<HttpServletRequest, GraviteeAuthenticationDetails> authenticationDetailsSource() {
    return GraviteeAuthenticationDetails::new;
}
 
Example #14
Source File: KerberosAuthenticationProcessingFilter.java    From cxf-fediz with Apache License 2.0 4 votes vote down vote up
public void setAuthenticationDetailsSource(
    AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
    Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
    this.authenticationDetailsSource = authenticationDetailsSource;
}
 
Example #15
Source File: TokenEndpointAuthenticationFilter.java    From MaxKey with Apache License 2.0 2 votes vote down vote up
/**
 * A source of authentication details for requests that result in authentication.
 * 
 * @param authenticationDetailsSource the authenticationDetailsSource to set
 */
public void setAuthenticationDetailsSource(
		AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
	this.authenticationDetailsSource = authenticationDetailsSource;
}