本文整理汇总了Java中org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter类的典型用法代码示例。如果您正苦于以下问题:Java RequestHeaderAuthenticationFilter类的具体用法?Java RequestHeaderAuthenticationFilter怎么用?Java RequestHeaderAuthenticationFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
RequestHeaderAuthenticationFilter类属于org.springframework.security.web.authentication.preauth包,在下文中一共展示了RequestHeaderAuthenticationFilter类的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: requestHeaderAuthenticationFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入依赖的package包/类
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
RequestHeaderAuthenticationFilter f = new RequestHeaderAuthenticationFilter();
f.setPrincipalRequestHeader("X-Forwarded-User");
f.setCredentialsRequestHeader("X-Forwarded-Access-Token");
f.setAuthenticationManager(authenticationManager());
f.setAuthenticationDetailsSource(
(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>)
(request) ->new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(
request,
AuthorityUtils.createAuthorityList("ROLE_AUTHENTICATED")
)
);
f.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
f.setExceptionIfHeaderMissing(false);
return f;
}
示例2: createIVUserHeaderFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入依赖的package包/类
/**
* Creates an iv-user header filter to get user id from TAM/Webseal.
*
* @return the request header authentication filter
* @throws Exception
* the exception if something goes wrong
*/
private RequestHeaderAuthenticationFilter createIVUserHeaderFilter() {
RequestHeaderAuthenticationFilter requestFilter = new RequestHeaderAuthenticationFilter();
requestFilter.setPrincipalRequestHeader("iv-user");
requestFilter.setExceptionIfHeaderMissing(false);
requestFilter.setCheckForPrincipalChanges(true);
try {
requestFilter.setAuthenticationManager(this.authenticationManagerBean());
} catch (Exception e) {
LOG.error("Error during security setup", e);
throw new InstantiationException("Error creating authentication manager", WebSecurityConfig.class, e);
}
return requestFilter;
}
示例3: configure
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.expressionHandler(webExpressionHandler())
// Some general filters for access, more specific ones are set at each method
.antMatchers(HttpMethod.POST, "/x509/api/report-bug").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/org/apply").permitAll()
.antMatchers(HttpMethod.GET, "/x509/api/certificates/crl/*").permitAll()
.antMatchers(HttpMethod.GET, "/x509/api/certificates/ocsp/**").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/certificates/ocsp/*").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.PUT, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.DELETE, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.GET, "/x509/api/**").authenticated()
;
if (!useStandardSSL) {
// Create and setup the filter used to extract the client certificate from the header
RequestHeaderAuthenticationFilter certFilter = new RequestHeaderAuthenticationFilter();
certFilter.setAuthenticationManager(authenticationManager());
certFilter.setPrincipalRequestHeader("X-Client-Certificate");
certFilter.setExceptionIfHeaderMissing(false);
http.addFilter(certFilter);
} else {
// Using this approach is not recommended since we don't extract all the information from
// the certificate, as done in the approach above.
http
.x509()
.subjectPrincipalRegex("(.*)") // Extract all and let it be handled by the X509UserDetailsService. "CN=(.*?)," for CommonName only
.userDetailsService(x509UserDetailsService())
;
}
}
示例4: configure
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(final HttpSecurity http) throws Exception {
final BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint();
basicAuthEntryPoint.setRealmName(springSecurityProperties.getBasic().getRealm());
HttpSecurity httpSec = http.regexMatcher("\\/rest.*|\\/system/admin.*").csrf().disable();
if (springSecurityProperties.isRequireSsl()) {
httpSec = httpSec.requiresChannel().anyRequest().requiresSecure().and();
}
httpSec.addFilterBefore(new Filter() {
@Override
public void init(final FilterConfig filterConfig) throws ServletException {
userAuthenticationFilter.init(filterConfig);
}
@Override
public void doFilter(final ServletRequest request, final ServletResponse response,
final FilterChain chain) throws IOException, ServletException {
userAuthenticationFilter.doFilter(request, response, chain);
}
@Override
public void destroy() {
userAuthenticationFilter.destroy();
}
}, RequestHeaderAuthenticationFilter.class)
.addFilterAfter(new AuthenticationSuccessTenantMetadataCreationFilter(systemManagement,
systemSecurityContext), SessionManagementFilter.class)
.authorizeRequests().anyRequest().authenticated()
.antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
.hasAnyAuthority(SpPermission.SYSTEM_ADMIN);
httpSec.httpBasic().and().exceptionHandling().authenticationEntryPoint(basicAuthEntryPoint);
httpSec.anonymous().disable();
httpSec.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
示例5: requestHeaderAuthenticationFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入依赖的package包/类
@Profile("sso")
@Bean
public RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter(AuthenticationManager authenticationManager) {
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
filter.setPrincipalRequestHeader("SM_USER");
filter.setAuthenticationManager(authenticationManager);
return filter;
}