filter.setPasswordParameter(upConfig.getPasswordParameterName()); filter.setUsernameParameter(upConfig.getUsernameParameterName()); filter.setAuthenticationManager(getSecurityManager().authenticationManager()); filter.setRememberMeServices(rms); GeoServerWebAuthenticationDetailsSource s = new GeoServerWebAuthenticationDetailsSource(); filter.setAuthenticationDetailsSource(s); filter.setAllowSessionCreation(false); new SimpleUrlAuthenticationSuccessHandler(); successHandler.setDefaultTargetUrl(URL_LOGIN_SUCCCESS); filter.setAuthenticationSuccessHandler(successHandler); filter.setAuthenticationFailureHandler(failureHandler);
/** * Creates a new instance * @see HttpSecurity#formLogin() */ public FormLoginConfigurer() { super(new UsernamePasswordAuthenticationFilter(), null); usernameParameter("username"); passwordParameter("password"); }
/** * Gets the HTTP parameter that is used to submit the password. * * @return the HTTP parameter that is used to submit the password */ private String getPasswordParameter() { return getAuthenticationFilter().getPasswordParameter(); }
public UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter() throws Exception { UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = new UsernamePasswordAuthenticationFilter(); usernamePasswordAuthenticationFilter .setAuthenticationManager(authenticationManager()); usernamePasswordAuthenticationFilter.setAllowSessionCreation(true); SimpleUrlAuthenticationSuccessHandler successHandler = new SimpleUrlAuthenticationSuccessHandler( "/index"); successHandler.setAlwaysUseDefaultTargetUrl(true); usernamePasswordAuthenticationFilter .setAuthenticationSuccessHandler(successHandler); usernamePasswordAuthenticationFilter .setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler( "/login?error=true")); usernamePasswordAuthenticationFilter .setAuthenticationDetailsSource(new CustomWebAuthenticationDetailsSource()); usernamePasswordAuthenticationFilter.afterPropertiesSet();
/** * The HTTP parameter to look for the username when performing authentication. Default * is "username". * * @param usernameParameter the HTTP parameter to look for the username when * performing authentication * @return the {@link FormLoginConfigurer} for additional customization */ public FormLoginConfigurer<H> usernameParameter(String usernameParameter) { getAuthenticationFilter().setUsernameParameter(usernameParameter); return this; }
/** * The HTTP parameter to look for the password when performing authentication. Default * is "password". * * @param passwordParameter the HTTP parameter to look for the password when * performing authentication * @return the {@link FormLoginConfigurer} for additional customization */ public FormLoginConfigurer<H> passwordParameter(String passwordParameter) { getAuthenticationFilter().setPasswordParameter(passwordParameter); return this; }
@Override public void configure(HttpSecurity http) throws Exception { PortMapper portMapper = http.getSharedObject(PortMapper.class); if (portMapper != null) { authenticationEntryPoint.setPortMapper(portMapper); } authFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class)); authFilter.setAuthenticationSuccessHandler(successHandler); authFilter.setAuthenticationFailureHandler(failureHandler); if (authenticationDetailsSource != null) { authFilter.setAuthenticationDetailsSource(authenticationDetailsSource); } SessionAuthenticationStrategy sessionAuthenticationStrategy = http .getSharedObject(SessionAuthenticationStrategy.class); if (sessionAuthenticationStrategy != null) { authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy); } RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { authFilter.setRememberMeServices(rememberMeServices); } UsernamePasswordAuthenticationFilter filter = postProcess(authFilter); http.addFilter(filter); }
@Bean public UsernamePasswordAuthenticationFilter filter() { UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter(); filter.setAuthenticationManager(providerManager()); return filter; }
final UsernamePasswordAuthenticationFilter filter = (UsernamePasswordAuthenticationFilter) bean; filter.setUsernameParameter(getUsernameParameter()); filter.setPasswordParameter(getPasswordParameter());
/** * Gets the HTTP parameter that is used to submit the username. * * @return the HTTP parameter that is used to submit the username */ private String getUsernameParameter() { return getAuthenticationFilter().getUsernameParameter(); }
private void init(UsernamePasswordAuthenticationFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) { this.loginPageUrl = DEFAULT_LOGIN_PAGE_URL; this.logoutSuccessUrl = DEFAULT_LOGIN_PAGE_URL + "?logout"; this.failureUrl = DEFAULT_LOGIN_PAGE_URL + "?" + ERROR_PARAMETER_NAME; if (authFilter != null) { formLoginEnabled = true; usernameParameter = authFilter.getUsernameParameter(); passwordParameter = authFilter.getPasswordParameter(); if (authFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { rememberMeParameter = ((AbstractRememberMeServices) authFilter .getRememberMeServices()).getParameter(); } } if (openIDFilter != null) { openIdEnabled = true; openIDusernameParameter = "openid_identifier"; if (openIDFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { openIDrememberMeParameter = ((AbstractRememberMeServices) openIDFilter .getRememberMeServices()).getParameter(); } } }
authFilter.setRequiresAuthenticationRequestMatcher( new AntPathRequestMatcher("/login", "POST") ); authFilter .setAuthenticationManager(authenticationManager()); authFilter .setAuthenticationSuccessHandler( new SavedRequestAwareAuthenticationSuccessHandler() ); authFilter .setAuthenticationFailureHandler( new SimpleUrlAuthenticationFailureHandler("/login?error") );
@Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { validateLogin(request); validatePassword(request); return super.attemptAuthentication(request, response); }
/** * The HTTP parameter to look for the username when performing authentication. Default * is "username". * * @param usernameParameter the HTTP parameter to look for the username when * performing authentication * @return the {@link FormLoginConfigurer} for additional customization */ public FormLoginConfigurer<H> usernameParameter(String usernameParameter) { getAuthenticationFilter().setUsernameParameter(usernameParameter); return this; }
/** * The HTTP parameter to look for the password when performing authentication. Default * is "password". * * @param passwordParameter the HTTP parameter to look for the password when * performing authentication * @return the {@link FormLoginConfigurer} for additional customization */ public FormLoginConfigurer<H> passwordParameter(String passwordParameter) { getAuthenticationFilter().setPasswordParameter(passwordParameter); return this; }
@Bean public ProviderManager providerManager() { List<AuthenticationProvider> list = new ArrayList<AuthenticationProvider>(); list.add(daoAuthenticationProvider()); return new ProviderManager(list); } //If you use this filter (I think so, because you've defined 'username' and 'password' in 'configure' method) @Bean public UsernamePasswordAuthenticationFilter filter() { UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter(); filter.setAuthenticationManager(providerManager()); return filter; }
/** * Gets the HTTP parameter that is used to submit the username. * * @return the HTTP parameter that is used to submit the username */ private String getUsernameParameter() { return getAuthenticationFilter().getUsernameParameter(); }
@Override public Authentication attemptAuthentication( javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException { final String autoLoginToken = request.getParameter("autoLoginToken"); if (autoLoginToken !=null) { final Guest one = jpaDaoService.findOne("guest.byAutoLoginToken", Guest.class, autoLoginToken); if (one!=null) { if ((System.currentTimeMillis()-one.autoLoginTokenTimestamp)>60000) { throw new RuntimeException("Token is too old!"); } final FlxUserDetails details = new FlxUserDetails(one); final UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(details, one.password, getAuthorities(one)); authRequest.setDetails(details); jpaDaoService.execute("UPDATE Guest SET autoLoginToken=null WHERE autoLoginToken='" + autoLoginToken + "'"); return authRequest; } else throw new RuntimeException("No such autologin token: " + autoLoginToken); } Authentication authentication = null; try { authentication = super.attemptAuthentication(request, response);} catch (AuthenticationException failed) { authentication = attemptAuthenticationWithEmailAddress(request); } return authentication; }
/** * Creates a new instance * @see HttpSecurity#formLogin() */ public FormLoginConfigurer() { super(new UsernamePasswordAuthenticationFilter(), null); usernameParameter("username"); passwordParameter("password"); }
/** * The HTTP parameter to look for the username when performing authentication. Default * is "username". * * @param usernameParameter the HTTP parameter to look for the username when * performing authentication * @return the {@link FormLoginConfigurer} for additional customization */ public FormLoginConfigurer<H> usernameParameter(String usernameParameter) { getAuthenticationFilter().setUsernameParameter(usernameParameter); return this; }