本文整理汇总了Java中org.springframework.security.web.authentication.AnonymousAuthenticationFilter类的典型用法代码示例。如果您正苦于以下问题:Java AnonymousAuthenticationFilter类的具体用法?Java AnonymousAuthenticationFilter怎么用?Java AnonymousAuthenticationFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AnonymousAuthenticationFilter类属于org.springframework.security.web.authentication包,在下文中一共展示了AnonymousAuthenticationFilter类的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
protected void configure(HttpSecurity http) throws Exception {
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.addFilter(requestHeaderAuthenticationFilter())
.addFilter(new AnonymousAuthenticationFilter("anonymous"))
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/api/v1/swagger.*").permitAll()
.antMatchers("/api/v1/index.html").permitAll()
.antMatchers("/api/v1/version").permitAll()
.antMatchers(HttpMethod.GET, "/api/v1/credentials/callback").permitAll()
.antMatchers("/api/v1/**").hasRole("AUTHENTICATED")
.anyRequest().permitAll();
http.csrf().disable();
}
示例2: testLoggingAnonymousUser
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Test
public void testLoggingAnonymousUser() throws Exception
{
invalidateApplicationUser(null);
// Apply AnonymousAuthenticationFilter
AnonymousAuthenticationFilter anonymousAuthenticationFilter = new AnonymousAuthenticationFilter("AnonymousFilterKey");
anonymousAuthenticationFilter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain());
// Apply user logging filter.
Log4jMdcLoggingFilter filterUnderTest = new Log4jMdcLoggingFilter();
filterUnderTest.init(new MockFilterConfig());
MockFilterChain mockChain = new MockFilterChain();
MockHttpServletRequest req = new MockHttpServletRequest();
MockHttpServletResponse rsp = new MockHttpServletResponse();
filterUnderTest.doFilter(req, rsp, mockChain);
filterUnderTest.destroy();
}
示例3: appAnonAuthFilter
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Bean
public AnonymousAuthenticationFilter appAnonAuthFilter(){
List<GrantedAuthority> anonAuth = new ArrayList<>();
anonAuth.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
AppAnonAuthFilter anonFilter = new AppAnonAuthFilter("ANONYMOUS","guest",anonAuth);
return anonFilter;
}
示例4: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
HttpSecurity httpSecurity = http
.requestMatchers()
.antMatchers(urlPatterns())
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.exceptionHandling().and()
.headers()
.cacheControl().and()
.frameOptions().disable()
.and()
.authorizeRequests().anyRequest().permitAll().and();
Filter[] filters = primarySchemeFilters();
for (Filter filter : filters) {
httpSecurity = httpSecurity.addFilterBefore(filter, AnonymousAuthenticationFilter.class);
}
httpSecurity = httpSecurity.addFilterBefore(new JwtFilter(), AnonymousAuthenticationFilter.class);
if (bpmEnabled) {
httpSecurity = httpSecurity.addFilterBefore(bpmAuthenticationFilter(), AnonymousAuthenticationFilter.class);
}
httpSecurity.addFilterAfter(new JwtPostFilter(tokenProvider), FilterSecurityInterceptor.class);
}
示例5: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.rememberMe().disable()
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.exceptionHandling()
.authenticationEntryPoint(http401AuthenticationEntryPoint())
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// x509
http.addFilterBefore(x509AuthenticationFilter(), AnonymousAuthenticationFilter.class);
// jwt
http.addFilterBefore(jwtAuthenticationFilter(), AnonymousAuthenticationFilter.class);
// otp
// todo, if needed one-time password auth filter goes here
if (properties.getSslPort() == null) {
// If we are running an unsecured NiFi Registry server, add an
// anonymous authentication filter that will populate the
// authenticated, anonymous user if no other user identity
// is detected earlier in the Spring filter chain.
http.anonymous().authenticationFilter(anonymousAuthenticationFilter);
}
}
示例6: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.rememberMe().disable().authorizeRequests().anyRequest().fullyAuthenticated().and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.addFilterBefore(x509AuthenticationFilter, AnonymousAuthenticationFilter.class);
http.anonymous().authenticationFilter(c2AnonymousAuthenticationFilter);
}
示例7: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
UloginAuthenticationFilter uloginFilter = new UloginAuthenticationFilter("/ulogin");
uloginFilter.setAuthenticationManager(authenticationManager());
HttpSecurity httpSecurity = http.
addFilterBefore(uloginFilter, AnonymousAuthenticationFilter.class);
httpSecurity.authorizeRequests().antMatchers("/login.html").permitAll()
.anyRequest().authenticated() ;
httpSecurity.formLogin().loginPage("/login.html");
}
示例8: anonymousAuthenticationFilter
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Bean
public AnonymousAuthenticationFilter anonymousAuthenticationFilter(){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
AnonymousAuthenticationFilter bean = new AnonymousAuthenticationFilter("changeThis","anonymousUser",authorities);
return bean;
}
示例9: filterChainProxy
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
/**
* Gets a filter chain proxy.
*
* @param trustedUserAuthenticationFilter the trusted user authentication filter.
* @param httpHeaderAuthenticationFilter the HTTP header authentication filter.
*
* @return the filter chain proxy.
*/
@Bean
public FilterChainProxy filterChainProxy(final TrustedUserAuthenticationFilter trustedUserAuthenticationFilter,
final HttpHeaderAuthenticationFilter httpHeaderAuthenticationFilter)
{
return new FilterChainProxy(new SecurityFilterChain()
{
@Override
public boolean matches(HttpServletRequest request)
{
// Match all URLs.
return true;
}
@Override
public List<Filter> getFilters()
{
List<Filter> filters = new ArrayList<>();
// Required filter to store session information between HTTP requests.
filters.add(new SecurityContextPersistenceFilter());
// Trusted user filter to bypass security based on SpEL expression environment property.
filters.add(trustedUserAuthenticationFilter);
// Filter that authenticates based on http headers.
if (Boolean.valueOf(configurationHelper.getProperty(ConfigurationValue.SECURITY_HTTP_HEADER_ENABLED)))
{
filters.add(httpHeaderAuthenticationFilter);
}
// Anonymous user filter.
filters.add(new AnonymousAuthenticationFilter("AnonymousFilterKey"));
return filters;
}
});
}
示例10: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
configureHeaders(http.headers());
http.requestMatchers().antMatchers("/signin/**", "/blog/**").and()
.addFilterBefore(authenticationFilter(),
AnonymousAuthenticationFilter.class).anonymous().and().csrf()
.disable();
}
示例11: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
configureShared(http);
http.addFilterBefore(restTokenFilter(), AnonymousAuthenticationFilter.class);
}
示例12: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterBefore(createCustomFilter(), AnonymousAuthenticationFilter.class)
.csrf().disable();
}
示例13: configure
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(final HttpSecurity http) throws Exception {
final ControllerTenantAwareAuthenticationDetailsSource authenticationDetailsSource = new ControllerTenantAwareAuthenticationDetailsSource();
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter = new HttpControllerPreAuthenticatedSecurityHeaderFilter(
ddiSecurityConfiguration.getRp().getCnHeader(),
ddiSecurityConfiguration.getRp().getSslIssuerHashHeader(), tenantConfigurationManagement,
tenantAware, systemSecurityContext);
securityHeaderFilter.setAuthenticationManager(authenticationManager());
securityHeaderFilter.setCheckForPrincipalChanges(true);
securityHeaderFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
final HttpControllerPreAuthenticateSecurityTokenFilter securityTokenFilter = new HttpControllerPreAuthenticateSecurityTokenFilter(
tenantConfigurationManagement, tenantAware, controllerManagement, systemSecurityContext);
securityTokenFilter.setAuthenticationManager(authenticationManager());
securityTokenFilter.setCheckForPrincipalChanges(true);
securityTokenFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
final HttpControllerPreAuthenticatedGatewaySecurityTokenFilter gatewaySecurityTokenFilter = new HttpControllerPreAuthenticatedGatewaySecurityTokenFilter(
tenantConfigurationManagement, tenantAware, systemSecurityContext);
gatewaySecurityTokenFilter.setAuthenticationManager(authenticationManager());
gatewaySecurityTokenFilter.setCheckForPrincipalChanges(true);
gatewaySecurityTokenFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
HttpSecurity httpSec = http.csrf().disable();
if (springSecurityProperties.isRequireSsl()) {
httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
}
if (ddiSecurityConfiguration.getAuthentication().getAnonymous().isEnabled()) {
LOG.info(
"******************\n** Anonymous controller security enabled, should only be used for developing purposes **\n******************");
final AnonymousAuthenticationFilter anoymousFilter = new AnonymousAuthenticationFilter(
"controllerAnonymousFilter", "anonymous",
Arrays.asList(new SimpleGrantedAuthority(SpringEvalExpressions.CONTROLLER_ROLE_ANONYMOUS)));
anoymousFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
httpSec.requestMatchers().antMatchers(DDI_ANT_MATCHERS).and().securityContext().disable().anonymous()
.authenticationFilter(anoymousFilter);
} else {
httpSec.addFilter(securityHeaderFilter).addFilter(securityTokenFilter)
.addFilter(gatewaySecurityTokenFilter).requestMatchers().antMatchers(DDI_ANT_MATCHERS).and()
.anonymous().disable().authorizeRequests().anyRequest().authenticated().and()
.exceptionHandling()
.authenticationEntryPoint((request, response, authException) -> response
.setStatus(HttpStatus.UNAUTHORIZED.value()))
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
示例14: addAnonymousAuthenticationFilter
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; //导入依赖的package包/类
private void addAnonymousAuthenticationFilter(List<Filter> filters) {
SecureRandom random = new SecureRandom();
AnonymousAuthenticationFilter anonFilter = new AnonymousAuthenticationFilter(Long.toString(random.nextLong()));
filters.add(anonFilter);
}