@Override public void init(H http) throws Exception { super.init(http); initDefaultLoginFilter(http); }
return super.loginPage(loginPage);
@Override public void configure(H http) throws Exception { getAuthenticationFilter().setConsumer(getConsumer()); super.configure(http); }
/** * <p> * Specifies the URL to send users to if login is required. If used with * {@link WebSecurityConfigurerAdapter} a default login page will be generated when * this attribute is not specified. * </p> * * <p> * If a URL is specified or this is not being used in conjuction with * {@link WebSecurityConfigurerAdapter}, users are required to process the specified * URL to generate a login page. * </p> */ protected T loginPage(String loginPage) { setLoginPage(loginPage); updateAuthenticationDefaults(); this.customLoginPage = true; return getSelf(); }
/** * Specifies the URL to validate the credentials. * * @param loginProcessingUrl the URL to validate username and password * @return the {@link FormLoginConfigurer} for additional customization */ public T loginProcessingUrl(String loginProcessingUrl) { this.loginProcessingUrl = loginProcessingUrl; authFilter .setRequiresAuthenticationRequestMatcher(createLoginProcessingUrlMatcher(loginProcessingUrl)); return getSelf(); }
@SuppressWarnings("unchecked") protected final void registerAuthenticationEntryPoint(B http, AuthenticationEntryPoint authenticationEntryPoint) { ExceptionHandlingConfigurer<B> exceptionHandling = http .getConfigurer(ExceptionHandlingConfigurer.class); if (exceptionHandling == null) { return; } exceptionHandling.defaultAuthenticationEntryPointFor( postProcess(authenticationEntryPoint), getAuthenticationEntryPointMatcher(http)); }
this.loginProcessingUrl); this.setAuthenticationFilter(authenticationFilter); super.loginProcessingUrl(this.loginProcessingUrl); RequestMatcher authenticationNullMatcher = request -> SecurityContextHolder.getContext().getAuthentication() == null; authenticationFilter.setRequiresAuthenticationRequestMatcher(new AndRequestMatcher(createLoginProcessingUrlMatcher(this.loginProcessingUrl), super.loginPage(this.loginPage); super.init(http); } else { Map<String, String> loginUrlToClientName = this.getLoginLinks(); this.registerAuthenticationEntryPoint(http, this.getLoginEntryPoint(http, providerLoginPage)); } else { super.init(http);
/** * Updates the default values for authentication. * * @throws Exception */ protected final void updateAuthenticationDefaults() { if (loginProcessingUrl == null) { loginProcessingUrl(loginPage); } if (failureHandler == null) { failureUrl(loginPage + "?error"); } final LogoutConfigurer<B> logoutConfigurer = getBuilder().getConfigurer( LogoutConfigurer.class); if (logoutConfigurer != null && !logoutConfigurer.isCustomLogoutSuccess()) { logoutConfigurer.logoutSuccessUrl(loginPage + "?logout"); } }
/** * Ensures the urls for {@link #failureUrl(String)} as well as for the {@link HttpSecurityBuilder}, the * {@link #getLoginPage} and {@link #getLoginProcessingUrl} are granted access to any user. * * @param permitAll true to grant access to the URLs false to skip this step * @return the {@link FormLoginConfigurer} for additional customization */ public final T permitAll(boolean permitAll) { this.permitAll = permitAll; return getSelf(); }
/** * Creates a new instance * @param authenticationFilter the {@link AbstractAuthenticationProcessingFilter} to use * @param defaultLoginProcessingUrl the default URL to use for {@link #loginProcessingUrl(String)} */ protected AbstractAuthenticationFilterConfigurer(F authenticationFilter, String defaultLoginProcessingUrl) { this.authFilter = authenticationFilter; loginUrl("/login"); failureUrl("/login?error"); loginProcessingUrl(defaultLoginProcessingUrl); this.customLoginPage = false; }
/** * Specifies the URL used to log in. If the request matches the URL and is an HTTP POST, the * {@link UsernamePasswordAuthenticationFilter} will attempt to authenticate * the request. Otherwise, if the request matches the URL the user will be sent to the login form. * * @param loginUrl the URL used to perform authentication * @return the {@link FormLoginConfigurer} for additional customization */ public final T loginUrl(String loginUrl) { loginProcessingUrl(loginUrl); return loginPage(loginUrl); }
/** * Specifies the URL used to authenticate OpenID requests. If the * {@link HttpServletRequest} matches this URL the {@link OpenIDAuthenticationFilter} * will attempt to authenticate the request. The default is "/login/openid". * * @param loginProcessingUrl the URL used to perform authentication * @return the {@link OpenIDLoginConfigurer} for additional customization */ @Override public OpenIDLoginConfigurer<H> loginProcessingUrl(String loginProcessingUrl) { return super.loginProcessingUrl(loginProcessingUrl); }
@Override public void configure(B http) throws Exception { PortMapper portMapper = http.getSharedObject(PortMapper.class); if (portMapper != null) { authenticationEntryPoint.setPortMapper(portMapper); } RequestCache requestCache = http.getSharedObject(RequestCache.class); if (requestCache != null) { this.defaultSuccessHandler.setRequestCache(requestCache); } authFilter.setAuthenticationManager(http .getSharedObject(AuthenticationManager.class)); authFilter.setAuthenticationSuccessHandler(successHandler); authFilter.setAuthenticationFailureHandler(failureHandler); if (authenticationDetailsSource != null) { authFilter.setAuthenticationDetailsSource(authenticationDetailsSource); } SessionAuthenticationStrategy sessionAuthenticationStrategy = http .getSharedObject(SessionAuthenticationStrategy.class); if (sessionAuthenticationStrategy != null) { authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy); } RememberMeServices rememberMeServices = http .getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { authFilter.setRememberMeServices(rememberMeServices); } F filter = postProcess(authFilter); http.addFilter(filter); }
/** * Specifies where users will go after authenticating successfully if they have not * visited a secured page prior to authenticating. This is a shortcut for calling * {@link #defaultSuccessUrl(String)}. * * @param defaultSuccessUrl the default success url * @return the {@link FormLoginConfigurer} for additional customization */ public final T defaultSuccessUrl(String defaultSuccessUrl) { return defaultSuccessUrl(defaultSuccessUrl, false); }
/** * Equivalent of invoking permitAll(true) * @return the {@link FormLoginConfigurer} for additional customization */ public final T permitAll() { return permitAll(true); }
/** * The URL to send users if authentication fails. This is a shortcut for invoking * {@link #failureHandler(AuthenticationFailureHandler)}. The default is * "/login?error". * * @param authenticationFailureUrl the URL to send users if authentication fails (i.e. * "/login?error"). * @return the {@link FormLoginConfigurer} for additional customization */ public final T failureUrl(String authenticationFailureUrl) { T result = failureHandler(new SimpleUrlAuthenticationFailureHandler( authenticationFailureUrl)); this.failureUrl = authenticationFailureUrl; return result; }
this.loginProcessingUrl); this.setAuthenticationFilter(authenticationFilter); super.loginProcessingUrl(this.loginProcessingUrl); RequestMatcher authenticationNullMatcher = request -> SecurityContextHolder.getContext().getAuthentication() == null; authenticationFilter.setRequiresAuthenticationRequestMatcher(new AndRequestMatcher(createLoginProcessingUrlMatcher(this.loginProcessingUrl), super.loginPage(this.loginPage); super.init(http); } else { Map<String, String> loginUrlToClientName = this.getLoginLinks(); this.registerAuthenticationEntryPoint(http, this.getLoginEntryPoint(http, providerLoginPage)); } else { super.init(http);
/** * Updates the default values for authentication. * * @throws Exception */ protected final void updateAuthenticationDefaults() { if (loginProcessingUrl == null) { loginProcessingUrl(loginPage); } if (failureHandler == null) { failureUrl(loginPage + "?error"); } final LogoutConfigurer<B> logoutConfigurer = getBuilder().getConfigurer( LogoutConfigurer.class); if (logoutConfigurer != null && !logoutConfigurer.isCustomLogoutSuccess()) { logoutConfigurer.logoutSuccessUrl(loginPage + "?logout"); } }
/** * <p> * Specifies the URL to send users to if login is required. If used with * {@link WebSecurityConfigurerAdapter} a default login page will be generated when * this attribute is not specified. * </p> * * <p> * If a URL is specified or this is not being used in conjuction with * {@link WebSecurityConfigurerAdapter}, users are required to process the specified * URL to generate a login page. * </p> */ protected T loginPage(String loginPage) { setLoginPage(loginPage); updateAuthenticationDefaults(); this.customLoginPage = true; return getSelf(); }
/** * Specifies a custom {@link AuthenticationDetailsSource}. The default is * {@link WebAuthenticationDetailsSource}. * * @param authenticationDetailsSource the custom {@link AuthenticationDetailsSource} * @return the {@link FormLoginConfigurer} for additional customization */ public final T authenticationDetailsSource( AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) { this.authenticationDetailsSource = authenticationDetailsSource; return getSelf(); }