本文整理汇总了Java中org.springframework.security.web.AuthenticationEntryPoint类的典型用法代码示例。如果您正苦于以下问题:Java AuthenticationEntryPoint类的具体用法?Java AuthenticationEntryPoint怎么用?Java AuthenticationEntryPoint使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
AuthenticationEntryPoint类属于org.springframework.security.web包,在下文中一共展示了AuthenticationEntryPoint类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// secure endpoints
RequestMatcher matcher = getRequestMatcher();
if (matcher != null) {
// Always protect them if present
if (this.security.isRequireSsl()) {
http.requiresChannel().anyRequest().requiresSecure();
}
AuthenticationEntryPoint entryPoint = entryPoint();
http.exceptionHandling().authenticationEntryPoint(entryPoint);
// Match all the requests for actuator endpoints ...
http.requestMatcher(matcher);
// ... but permitAll() for the non-sensitive ones
configurePermittedRequests(http.authorizeRequests());
http.httpBasic().authenticationEntryPoint(entryPoint);
// No cookies for management endpoints by default
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(
this.management.getSecurity().getSessions());
SpringBootWebSecurityConfiguration.configureHeaders(http.headers(),
this.security.getHeaders());
}
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:25,代码来源:ManagementWebSecurityAutoConfiguration.java
示例2: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
final AuthenticationEntryPoint ssoEntryPoint = new SsoAuthenticationEntryPoint(SsoController.SSO_PAGE);
final SsoAuthenticationFilter<?> ssoAuthenticationFilter = new SsoAuthenticationFilter<>(SsoController.SSO_AUTHENTICATION_URI, EntityType.CombinedSso.INSTANCE);
ssoAuthenticationFilter.setAuthenticationManager(authenticationManager());
final LogoutSuccessHandler logoutSuccessHandler = new HodTokenLogoutSuccessHandler(SsoController.SSO_LOGOUT_PAGE, tokenRepository);
http.regexMatcher("/public(/.*)?|/sso|/authenticate-sso|/api/authentication/.*|/logout")
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(ssoEntryPoint)
.accessDeniedPage(DispatcherServletConfiguration.AUTHENTICATION_ERROR_PATH)
.and()
.authorizeRequests()
.antMatchers(FindController.APP_PATH + "/**").hasRole(FindRole.USER.name())
.and()
.logout()
.logoutSuccessHandler(logoutSuccessHandler)
.and()
.addFilterAfter(ssoAuthenticationFilter, AbstractPreAuthenticatedProcessingFilter.class);
}
示例3: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
final Filter corsFilter = context.getBean(ICorsFilterConfig.class).corsFilter();
final AuthenticationEntryPoint basicAuthenticationEntryPoint = context.getBean(
BASIC_AUTH_BEAN_NAME,
AuthenticationEntryPoint.class);
http
.antMatcher(JwtRestServiceConfig.REST_API_URL_PREFIX + "/**")
// As of Spring Security 4.0, CSRF protection is enabled by default.
.csrf().disable()
// Configure CORS
.addFilterBefore(corsFilter, SecurityContextPersistenceFilter.class)
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers("/**").hasAnyAuthority(ROLE_USER)
.and()
.httpBasic().authenticationEntryPoint(basicAuthenticationEntryPoint);
}
示例4: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
AuthenticationEntryPoint authenticationEntryPoint = lookup("authenticationEntryPoint");
http.csrf().disable()
.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint)
.and()
.sessionManagement().sessionCreationPolicy(STATELESS);
customizeRequestAuthorization(http.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers(POST, LOGIN_ENDPOINT).permitAll()
.and());
http.authorizeRequests().anyRequest().authenticated();
JwtTokenService jwtTokenService = lookup("jwtTokenService");
// JwtAuthenticationFilter must precede LogoutFilter, otherwise LogoutHandler wouldn't know who
// logs out.
customizeFilters(
http.addFilterBefore(new JwtAuthenticationFilter(jwtTokenService), LogoutFilter.class));
customizeRememberMe(http);
}
示例5: authenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
protected AuthenticationEntryPoint authenticationEntryPoint() {
return new AuthenticationEntryPoint() {
@Override
public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
httpServletResponse.getWriter().append("Not authenticated");
httpServletResponse.setStatus(401);
}
};
}
示例6: http401AuthenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
private AuthenticationEntryPoint http401AuthenticationEntryPoint() {
// This gets used for both secured and unsecured configurations. It will be called by Spring Security if a request makes it through the filter chain without being authenticated.
// For unsecured, this should never be reached because the custom AnonymousAuthenticationFilter should always populate a fully-authenticated anonymous user
// For secured, this will cause attempt to access any API endpoint (except those explicitly ignored) without providing credentials to return a 401 Unauthorized challenge
return new AuthenticationEntryPoint() {
@Override
public void commence(HttpServletRequest request,
HttpServletResponse response,
AuthenticationException e) throws IOException, ServletException {
logger.info("AuthenticationEntryPoint invoked as no user identity credentials were found in the request.");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
};
}
示例7: restAuthenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Bean
public AuthenticationEntryPoint restAuthenticationEntryPoint() {
return new AuthenticationEntryPoint() {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, ApplicationContext.language("error.msgUnauthorized"));
}
};
}
示例8: OneTimePasswordFilterConfigurer
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
public OneTimePasswordFilterConfigurer(final String loginProcessingUrl,
AuthenticationSuccessHandler successHandler,
AuthenticationFailureHandler failureHandler,
AuthenticationEntryPoint entryPoint) {
this.authFilter = new OneTimePasswordAuthenticationFilter(loginProcessingUrl);
this.authFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(loginProcessingUrl, "POST"));
this.authFilter.setAuthenticationSuccessHandler(successHandler);
this.authFilter.setAuthenticationFailureHandler(failureHandler);
this.authFilter.setAllowSessionCreation(true);
this.authenticationEntryPoint = entryPoint;
}
示例9: getAuthEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
private static AuthenticationEntryPoint getAuthEntryPoint() {
return new AuthenticationEntryPoint() {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Access Denied");
}
};
}
示例10: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
if (this.security.isRequireSsl()) {
http.requiresChannel().anyRequest().requiresSecure();
}
if (!this.security.isEnableCsrf()) {
http.csrf().disable();
}
// No cookies for application endpoints by default
http.sessionManagement().sessionCreationPolicy(this.security.getSessions());
SpringBootWebSecurityConfiguration.configureHeaders(http.headers(),
this.security.getHeaders());
String[] paths = getSecureApplicationPaths();
if (paths.length > 0) {
AuthenticationEntryPoint entryPoint = entryPoint();
http.exceptionHandling().authenticationEntryPoint(entryPoint);
http.httpBasic().authenticationEntryPoint(entryPoint);
http.requestMatchers().antMatchers(paths);
String[] roles = this.security.getUser().getRole().toArray(new String[0]);
SecurityAuthorizeMode mode = this.security.getBasic().getAuthorizeMode();
if (mode == null || mode == SecurityAuthorizeMode.ROLE) {
http.authorizeRequests().anyRequest().hasAnyRole(roles);
}
else if (mode == SecurityAuthorizeMode.AUTHENTICATED) {
http.authorizeRequests().anyRequest().authenticated();
}
}
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:29,代码来源:SpringBootWebSecurityConfiguration.java
示例11: authenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
/**
* For a REST backend there's no login page, so security must return a 401
* code
*
* @return
*/
@Bean
public AuthenticationEntryPoint authenticationEntryPoint() {
return (HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) -> {
LOG.info("ENTRY >>> rejecting entry: " + authException.getMessage());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
};
}
示例12: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
AuthenticationEntryPoint entryPoint = entryPoint();
AdminRequestedAccessDeniedHandler accessDeniedHandler = new AdminRequestedAccessDeniedHandler(entryPoint);
http
.requiresChannel()
.requestMatchers(request -> request.getHeader("x-forwarded-port") != null).requiresSecure()
.and()
.exceptionHandling()
.authenticationEntryPoint(entryPoint)
.accessDeniedHandler(accessDeniedHandler)
.and()
.csrf()
.ignoringAntMatchers("/github/hooks/**").and()
.authorizeRequests()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.mvcMatchers("/login/**", "/", "/about", "/faq").permitAll()
.mvcMatchers("/view/**").permitAll()
.mvcMatchers("/webjars/**", "/assets/**").permitAll()
.mvcMatchers("/github/hooks/**").permitAll()
.mvcMatchers("/admin","/admin/cla/link/**","/admin/help/**").hasRole("ADMIN")
.mvcMatchers("/admin/**","/manage/**").hasRole("CLA_AUTHOR")
.anyRequest().authenticated()
.and()
.logout()
.logoutSuccessUrl("/?logout");
}
示例13: getDelegatingAuthenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
public DelegatingAuthenticationEntryPoint getDelegatingAuthenticationEntryPoint() {
LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPointMap = new LinkedHashMap<>();
entryPointMap.put(new RequestHeaderRequestMatcher("User-Agent", "Mozilla"), atlasAuthenticationEntryPoint);
DelegatingAuthenticationEntryPoint entryPoint = new DelegatingAuthenticationEntryPoint(entryPointMap);
entryPoint.setDefaultEntryPoint(getAuthenticationEntryPoint());
return entryPoint;
}
示例14: delegatingAuthenticationEntryPoint
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@Bean
@Autowired
public DelegatingAuthenticationEntryPoint delegatingAuthenticationEntryPoint(BasicAuthenticationEntryPoint basic,
LoginUrlAuthenticationEntryPoint login) {
LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
entryPoints.put(new RequestHeaderRequestMatcher("Content-Type", "application/json"), basic);
entryPoints.put(new NegatedRequestMatcher(new RequestContainingAcceptTextHeaderRequestMatcher()), basic);
DelegatingAuthenticationEntryPoint delegate = new DelegatingAuthenticationEntryPoint(entryPoints);
delegate.setDefaultEntryPoint(login);
return delegate;
}
示例15: configure
import org.springframework.security.web.AuthenticationEntryPoint; //导入依赖的package包/类
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
final LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
entryPoints.put(new AntPathRequestMatcher("/api/**"), new Http403ForbiddenEntryPoint());
entryPoints.put(AnyRequestMatcher.INSTANCE, new LoginUrlAuthenticationEntryPoint(FindController.DEFAULT_LOGIN_PAGE));
final AuthenticationEntryPoint authenticationEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
http
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.accessDeniedPage("/authentication-error")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(FindController.DEFAULT_LOGIN_PAGE)
.and()
.authorizeRequests()
.antMatchers(FindController.APP_PATH + "/**").hasAnyRole(FindRole.USER.name())
.antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
.antMatchers("/api/public/**").hasRole(FindRole.USER.name())
.antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
.antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
.antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
.antMatchers(FindController.DEFAULT_LOGIN_PAGE).permitAll()
.antMatchers(FindController.LOGIN_PATH).permitAll()
.antMatchers("/").permitAll()
.anyRequest().denyAll()
.and()
.headers()
.defaultsDisabled()
.frameOptions()
.sameOrigin();
idolSecurityCustomizer.customize(http, authenticationManager());
}