本文整理汇总了Java中org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter.setPrincipalRequestHeader方法的典型用法代码示例。如果您正苦于以下问题:Java RequestHeaderAuthenticationFilter.setPrincipalRequestHeader方法的具体用法?Java RequestHeaderAuthenticationFilter.setPrincipalRequestHeader怎么用?Java RequestHeaderAuthenticationFilter.setPrincipalRequestHeader使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
的用法示例。
在下文中一共展示了RequestHeaderAuthenticationFilter.setPrincipalRequestHeader方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: requestHeaderAuthenticationFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入方法依赖的package包/类
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
RequestHeaderAuthenticationFilter f = new RequestHeaderAuthenticationFilter();
f.setPrincipalRequestHeader("X-Forwarded-User");
f.setCredentialsRequestHeader("X-Forwarded-Access-Token");
f.setAuthenticationManager(authenticationManager());
f.setAuthenticationDetailsSource(
(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>)
(request) ->new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(
request,
AuthorityUtils.createAuthorityList("ROLE_AUTHENTICATED")
)
);
f.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
f.setExceptionIfHeaderMissing(false);
return f;
}
示例2: createIVUserHeaderFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入方法依赖的package包/类
/**
* Creates an iv-user header filter to get user id from TAM/Webseal.
*
* @return the request header authentication filter
* @throws Exception
* the exception if something goes wrong
*/
private RequestHeaderAuthenticationFilter createIVUserHeaderFilter() {
RequestHeaderAuthenticationFilter requestFilter = new RequestHeaderAuthenticationFilter();
requestFilter.setPrincipalRequestHeader("iv-user");
requestFilter.setExceptionIfHeaderMissing(false);
requestFilter.setCheckForPrincipalChanges(true);
try {
requestFilter.setAuthenticationManager(this.authenticationManagerBean());
} catch (Exception e) {
LOG.error("Error during security setup", e);
throw new InstantiationException("Error creating authentication manager", WebSecurityConfig.class, e);
}
return requestFilter;
}
示例3: configure
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入方法依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.expressionHandler(webExpressionHandler())
// Some general filters for access, more specific ones are set at each method
.antMatchers(HttpMethod.POST, "/x509/api/report-bug").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/org/apply").permitAll()
.antMatchers(HttpMethod.GET, "/x509/api/certificates/crl/*").permitAll()
.antMatchers(HttpMethod.GET, "/x509/api/certificates/ocsp/**").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/certificates/ocsp/*").permitAll()
.antMatchers(HttpMethod.POST, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.PUT, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.DELETE, "/x509/api/**").authenticated()
.antMatchers(HttpMethod.GET, "/x509/api/**").authenticated()
;
if (!useStandardSSL) {
// Create and setup the filter used to extract the client certificate from the header
RequestHeaderAuthenticationFilter certFilter = new RequestHeaderAuthenticationFilter();
certFilter.setAuthenticationManager(authenticationManager());
certFilter.setPrincipalRequestHeader("X-Client-Certificate");
certFilter.setExceptionIfHeaderMissing(false);
http.addFilter(certFilter);
} else {
// Using this approach is not recommended since we don't extract all the information from
// the certificate, as done in the approach above.
http
.x509()
.subjectPrincipalRegex("(.*)") // Extract all and let it be handled by the X509UserDetailsService. "CN=(.*?)," for CommonName only
.userDetailsService(x509UserDetailsService())
;
}
}
示例4: requestHeaderAuthenticationFilter
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; //导入方法依赖的package包/类
@Profile("sso")
@Bean
public RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter(AuthenticationManager authenticationManager) {
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
filter.setPrincipalRequestHeader("SM_USER");
filter.setAuthenticationManager(authenticationManager);
return filter;
}