本文整理汇总了Java中org.springframework.security.config.annotation.ObjectPostProcessor类的典型用法代码示例。如果您正苦于以下问题:Java ObjectPostProcessor类的具体用法?Java ObjectPostProcessor怎么用?Java ObjectPostProcessor使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
ObjectPostProcessor类属于org.springframework.security.config.annotation包,在下文中一共展示了ObjectPostProcessor类的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: CasHttpSecurityConfigurerAdapter
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
public CasHttpSecurityConfigurerAdapter(List<CasSecurityConfigurer> configurers,
SecurityProperties securityProperties, CasSecurityProperties casSecurityProperties,
CasAuthenticationEntryPoint authenticationEntryPoint, ServiceProperties serviceProperties,
TicketValidator ticketValidator, ObjectPostProcessor<Object> objectPostProcessor) {
this.configurers = configurers;
this.securityProperties = securityProperties;
this.casSecurityProperties = casSecurityProperties;
this.authenticationEntryPoint = authenticationEntryPoint;
this.serviceProperties = serviceProperties;
this.ticketValidator = ticketValidator;
authenticationManagerBuilder = new AuthenticationManagerBuilder(objectPostProcessor);
}
示例2: configureGlobal
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// Uso un PostProcessor per chiamare setHideUserNotFoundExceptions
auth.userDetailsService(userDetailsService).addObjectPostProcessor(new ObjectPostProcessor<DaoAuthenticationProvider>() {
@Override
public DaoAuthenticationProvider postProcess(DaoAuthenticationProvider processor) {
processor.setHideUserNotFoundExceptions(false); // Permette alla UsernameNotFoundException di arrivare al FailureHandler
if (yadaConfiguration.encodePassword()) {
processor.setPasswordEncoder(passwordEncoder(yadaConfiguration));
}
return processor;
}
});
}
示例3: ServiceProviderBuilder
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
public ServiceProviderBuilder() {
super(new ObjectPostProcessor<Object>() {
@Override
public <T> T postProcess(T object) {
return object;
}
}, false);
}
示例4: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Override
public void configure(HttpSecurity http) throws Exception {
/*
Even though the configuration is non order specific, it's ordered here so one can understand
the flow of operations. Before the Authenticate Override can be called in the http filter
the subject principal must be correctly extracted, hence why the UserDetails for that sets
the "NO_AUTHORITIES", leaving it to the x509v3 checker to set the final authority.
The aggregate of all this is consumed in the final .access() method.
*/
http.x509()
.subjectPrincipalRegex(VALID_MTLS_ID)
.userDetailsService(mtlsSUserDetailsService())
.withObjectPostProcessor(new ObjectPostProcessor<X509AuthenticationFilter>() {
@Override
public <O extends X509AuthenticationFilter> O postProcess(O filter) {
filter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
return filter;
}
});
http.addFilterBefore(preAuthenticationFailureFilter, X509AuthenticationFilter.class)
.authenticationProvider(getPreAuthenticatedAuthenticationProvider());
http
.authorizeRequests()
.antMatchers("/info").permitAll()
.antMatchers("/health").permitAll()
.antMatchers("**")
.access(String.format("hasRole('%s')",
X509AuthenticationProvider.MTLS_USER));
http.httpBasic().disable();
}
示例5: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Override
public void configure(HttpSecurity http) throws Exception {
/*
Even though the configuration is non order specific, it's ordered here so one can understand
the flow of operations. Before the Authenticate Override can be called in the http filter
the subject principal must be correctly extracted, hence why the UserDetails for that sets
the "NO_AUTHORITIES", leaving it to the x509v3 checker to set the final authority.
The aggregate of all this is consumed in the final .access() method.
*/
http.x509()
.subjectPrincipalRegex(VALID_MTLS_ID)
.userDetailsService(mtlsSUserDetailsService())
.withObjectPostProcessor(new ObjectPostProcessor<X509AuthenticationFilter>() {
@Override
public <O extends X509AuthenticationFilter> O postProcess(O filter) {
filter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
return filter;
}
});
http.addFilterBefore(preAuthenticationFailureFilter, X509AuthenticationFilter.class)
.addFilterAfter(oAuth2ExtraValidationFilter, preAuthenticationFailureFilter.getClass())
.authenticationProvider(getPreAuthenticatedAuthenticationProvider());
http
.authorizeRequests()
.antMatchers("/info").permitAll()
.antMatchers("/health").permitAll()
.antMatchers("**")
.access(String.format("hasRole('%s') "
+ "or (#oauth2.hasScope('credhub.read') and #oauth2.hasScope('credhub.write'))",
X509AuthenticationProvider.MTLS_USER));
http.httpBasic().disable();
}
示例6: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
//DefaultFilterInvocationSecurityMetadataSource
// AjaxAuthenticationHandler authHandler = new AjaxAuthenticationHandler("/login", "/plugins/permission/admin");
casFilter.setAuthenticationManager(authenticationManager());
http
.headers()
.addHeaderWriter(new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN))
.and()
.exceptionHandling()
.authenticationEntryPoint(casEntryPoint)
.and()
// .authenticationProvider(casAuthenticationProvider)
.addFilter(casFilter)
.authorizeRequests()
.anyRequest().authenticated()//去掉会启动失败,原因未知
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
if(securityMetadataSourceBuilder!=null){
securityMetadataSourceBuilder.setFilterSecurityInterceptor(object);
securityMetadataSourceBuilder.buildSecurityMetadataSource();
}
return object;
}
})
.and()
.sessionManagement()
.maximumSessions(1)
.maxSessionsPreventsLogin(true);
}
示例7: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
public <O extends FilterSecurityInterceptor> O postProcess(O fsi) {
if(securityMetadataSourceBuilder!=null){
securityMetadataSourceBuilder.setFilterSecurityInterceptor(fsi);
securityMetadataSourceBuilder.buildSecurityMetadataSource();
}
return fsi;
}
});
/*for(Entry<String[], String> entry : this.securityConfig.getIntercepterUrls().entrySet()){
http.authorizeRequests().antMatchers(entry.getKey()).access(entry.getValue());
}
for(InterceptersConfig interConfig : this.securityConfig.getIntercepters()){
http.authorizeRequests().antMatchers(interConfig.getPathPatterns()).access(interConfig.getAccess());
}*/
configIntercepterUrls(http, securityConfig.getIntercepterUrls(), securityConfig.getIntercepters());
// http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
configureAnyRequest(http);
webConfigure(http);
defaultConfigure(http);
}
示例8: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// Set a custom successHandler on the SocialAuthenticationFilter
final SpringSocialConfigurer socialConfigurer = new SpringSocialConfigurer();
socialConfigurer.addObjectPostProcessor(new ObjectPostProcessor<SocialAuthenticationFilter>() {
@Override
public <O extends SocialAuthenticationFilter> O postProcess(O socialAuthenticationFilter) {
socialAuthenticationFilter.setAuthenticationSuccessHandler(socialAuthenticationSuccessHandler);
return socialAuthenticationFilter;
}
});
http.exceptionHandling().and().anonymous().and().servletApi().and().headers().cacheControl().and()
.authorizeRequests()
//allow anonymous font and template requests
.antMatchers("/").permitAll()
.antMatchers("/favicon.ico").permitAll()
.antMatchers("/resources/**").permitAll()
//allow anonymous calls to social login
.antMatchers("/auth/**").permitAll()
//allow anonymous GETs to API
.antMatchers(HttpMethod.GET, "/api/**").permitAll()
//defined Admin only API area
.antMatchers("/admin/**").hasRole("ADMIN")
//all other request need to be authenticated
.antMatchers(HttpMethod.GET, "/api/users/current/details").hasRole("USER")
.anyRequest().hasRole("USER").and()
// add custom authentication filter for complete stateless JWT based authentication
.addFilterBefore(statelessAuthenticationFilter, AbstractPreAuthenticatedProcessingFilter.class)
// apply the configuration from the socialConfigurer (adds the SocialAuthenticationFilter)
.apply(socialConfigurer.userIdSource(userIdSource));
}
示例9: authenticationManager
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Bean
protected AuthenticationManager authenticationManager() throws Exception {
return new AuthenticationManagerBuilder(ObjectPostProcessor.QUIESCENT_POSTPROCESSOR)
.authenticationProvider(autoLoginAuthenticationProvider) // auto login
.userDetailsService(userDetailService)
.passwordEncoder(new PlaintextPasswordEncoder())
.and().build(); // user detail
}
示例10: configure
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
//DefaultFilterInvocationSecurityMetadataSource
AjaxAuthenticationHandler authHandler = new AjaxAuthenticationHandler("/login", "/plugins/permission/admin");
http
.headers()
.addHeaderWriter(new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN))
.and()
.authorizeRequests()
.anyRequest().authenticated()
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
// object.setRejectPublicInvocations(true);
/*if(securityMetadataSource!=null){
object.setSecurityMetadataSource(securityMetadataSource);
}*/
if(securityMetadataSourceBuilder!=null){
// object.setSecurityMetadataSource(databaseSecurityMetadataSource.convertTo(object.getSecurityMetadataSource()));
securityMetadataSourceBuilder.setFilterSecurityInterceptor(object);
securityMetadataSourceBuilder.buildSecurityMetadataSource();
}
return object;
}
})
.and()
.formLogin()
.loginPage("/login")
.loginProcessingUrl("/dologin")
.successHandler(authHandler)
.failureHandler(authHandler)
.and()
.logout()
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true)
.and()
.sessionManagement()
.maximumSessions(1)
.maxSessionsPreventsLogin(true);
// .failureUrl("/login?loginError=1")
;
}
示例11: authenticationManager
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
@Bean
public AuthenticationManager authenticationManager(ObjectPostProcessor<Object> objectPostProcessor) throws Exception {
return new AuthenticationManagerBuilder(objectPostProcessor).inMemoryAuthentication().and().build();
}
示例12: withObjectPostProcessor
import org.springframework.security.config.annotation.ObjectPostProcessor; //导入依赖的package包/类
/**
* Adds an {@link ObjectPostProcessor} for this class.
*
* @param objectPostProcessor
* @return the {@link ChannelSecurityConfigurer} for further customizations
*/
public LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(
ObjectPostProcessor<?> objectPostProcessor) {
addObjectPostProcessor(objectPostProcessor);
return this;
}
开发者ID:gravitee-io,项目名称:gravitee-management-rest-api,代码行数:12,代码来源:LdapAuthenticationProviderConfigurer.java