@Override public void configure(H http) throws Exception { authenticationFilter.afterPropertiesSet(); http.addFilter(authenticationFilter); }
@Override public void configure(H http) throws Exception { LogoutFilter logoutFilter = createLogoutFilter(http); http.addFilter(logoutFilter); }
@Override public void configure(H http) throws Exception { HeaderWriterFilter headersFilter = createHeaderWriterFilter(); http.addFilter(headersFilter); }
@Override public void configure(H http) throws Exception { ApplicationContext context = http.getSharedObject(ApplicationContext.class); CorsFilter corsFilter = getCorsFilter(context); if (corsFilter == null) { throw new IllegalStateException( "Please configure either a " + CORS_FILTER_BEAN_NAME + " bean or a " + CORS_CONFIGURATION_SOURCE_BEAN_NAME + "bean."); } http.addFilter(corsFilter); }
@Override public void configure(H http) throws Exception { X509AuthenticationFilter filter = getFilter(http .getSharedObject(AuthenticationManager.class)); http.addFilter(filter); }
@Override public void configure(H http) throws Exception { J2eePreAuthenticatedProcessingFilter filter = getFilter(http .getSharedObject(AuthenticationManager.class)); http.addFilter(filter); }
@Override @SuppressWarnings("unchecked") public void configure(H http) throws Exception { AuthenticationEntryPoint authenticationEntryPoint = null; ExceptionHandlingConfigurer<?> exceptionConf = http .getConfigurer(ExceptionHandlingConfigurer.class); if (exceptionConf != null) { authenticationEntryPoint = exceptionConf.getAuthenticationEntryPoint(); } if (loginPageGeneratingFilter.isEnabled() && authenticationEntryPoint == null) { loginPageGeneratingFilter = postProcess(loginPageGeneratingFilter); http.addFilter(loginPageGeneratingFilter); http.addFilter(this.logoutPageGeneratingFilter); } }
@Override public void configure(H http) throws Exception { RequestCache requestCache = getRequestCache(http); RequestCacheAwareFilter requestCacheFilter = new RequestCacheAwareFilter( requestCache); requestCacheFilter = postProcess(requestCacheFilter); http.addFilter(requestCacheFilter); }
@Override public void configure(H http) throws Exception { RememberMeAuthenticationFilter rememberMeFilter = new RememberMeAuthenticationFilter( http.getSharedObject(AuthenticationManager.class), this.rememberMeServices); if (this.authenticationSuccessHandler != null) { rememberMeFilter .setAuthenticationSuccessHandler(this.authenticationSuccessHandler); } rememberMeFilter = postProcess(rememberMeFilter); http.addFilter(rememberMeFilter); }
@Override public void configure(B http) throws Exception { OAuth2AuthorizationRequestRedirectFilter authorizationRequestFilter = new OAuth2AuthorizationRequestRedirectFilter( OAuth2ClientConfigurerUtils.getClientRegistrationRepository(this.getBuilder()), this.getAuthorizationRequestBaseUri()); http.addFilter(this.postProcess(authorizationRequestFilter)); }
@Override public void configure(H http) throws Exception { AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http); ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter( entryPoint, getRequestCache(http)); AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http); exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler); exceptionTranslationFilter = postProcess(exceptionTranslationFilter); http.addFilter(exceptionTranslationFilter); }
@Override public void configure(H http) throws Exception { FilterInvocationSecurityMetadataSource metadataSource = createMetadataSource(http); if (metadataSource == null) { return; } FilterSecurityInterceptor securityInterceptor = createFilterSecurityInterceptor( http, metadataSource, http.getSharedObject(AuthenticationManager.class)); if (filterSecurityInterceptorOncePerRequest != null) { securityInterceptor .setObserveOncePerRequest(filterSecurityInterceptorOncePerRequest); } securityInterceptor = postProcess(securityInterceptor); http.addFilter(securityInterceptor); http.setSharedObject(FilterSecurityInterceptor.class, securityInterceptor); }
@Override public void configure(B http) throws Exception { AuthenticationManager authenticationManager = http .getSharedObject(AuthenticationManager.class); BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter( authenticationManager, this.authenticationEntryPoint); if (this.authenticationDetailsSource != null) { basicAuthenticationFilter .setAuthenticationDetailsSource(this.authenticationDetailsSource); } RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { basicAuthenticationFilter.setRememberMeServices(rememberMeServices); } basicAuthenticationFilter = postProcess(basicAuthenticationFilter); http.addFilter(basicAuthenticationFilter); } }
@Override public void configure(H http) throws Exception { ChannelDecisionManagerImpl channelDecisionManager = new ChannelDecisionManagerImpl(); channelDecisionManager.setChannelProcessors(getChannelProcessors(http)); channelDecisionManager = postProcess(channelDecisionManager); channelFilter.setChannelDecisionManager(channelDecisionManager); DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource( requestMap); channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); channelFilter = postProcess(channelFilter); http.addFilter(channelFilter); }
@Override @SuppressWarnings("unchecked") public void configure(H http) throws Exception { SecurityContextRepository securityContextRepository = http .getSharedObject(SecurityContextRepository.class); if (securityContextRepository == null) { securityContextRepository = new HttpSessionSecurityContextRepository(); } SecurityContextPersistenceFilter securityContextFilter = new SecurityContextPersistenceFilter( securityContextRepository); SessionManagementConfigurer<?> sessionManagement = http .getConfigurer(SessionManagementConfigurer.class); SessionCreationPolicy sessionCreationPolicy = sessionManagement == null ? null : sessionManagement.getSessionCreationPolicy(); if (SessionCreationPolicy.ALWAYS == sessionCreationPolicy) { securityContextFilter.setForceEagerSessionCreation(true); } securityContextFilter = postProcess(securityContextFilter); http.addFilter(securityContextFilter); } }
http.addFilter(securityContextRequestFilter);
@Override public void configure(H http) throws Exception { BearerTokenResolver bearerTokenResolver = getBearerTokenResolver(); this.requestMatcher.setBearerTokenResolver(bearerTokenResolver); AuthenticationManager manager = http.getSharedObject(AuthenticationManager.class); BearerTokenAuthenticationFilter filter = new BearerTokenAuthenticationFilter(manager); filter.setBearerTokenResolver(bearerTokenResolver); filter.setAuthenticationEntryPoint(this.authenticationEntryPoint); filter = postProcess(filter); http.addFilter(filter); if ( this.jwtConfigurer == null ) { throw new IllegalStateException("Jwt is the only supported format for bearer tokens " + "in Spring Security and no Jwt configuration was found. Make sure to specify " + "a jwk set uri by doing http.oauth2ResourceServer().jwt().jwkSetUri(uri), or wire a " + "JwtDecoder instance by doing http.oauth2ResourceServer().jwt().decoder(decoder), or " + "expose a JwtDecoder instance as a bean and do http.oauth2ResourceServer().jwt()."); } JwtDecoder decoder = this.jwtConfigurer.getJwtDecoder(); Converter<Jwt, ? extends AbstractAuthenticationToken> jwtAuthenticationConverter = this.jwtConfigurer.getJwtAuthenticationConverter(); JwtAuthenticationProvider provider = new JwtAuthenticationProvider(decoder); provider.setJwtAuthenticationConverter(jwtAuthenticationConverter); provider = postProcess(provider); http.authenticationProvider(provider); }
@SuppressWarnings("unchecked") @Override public void configure(H http) throws Exception { CsrfFilter filter = new CsrfFilter(this.csrfTokenRepository); RequestMatcher requireCsrfProtectionMatcher = getRequireCsrfProtectionMatcher(); if (requireCsrfProtectionMatcher != null) { filter.setRequireCsrfProtectionMatcher(requireCsrfProtectionMatcher); } AccessDeniedHandler accessDeniedHandler = createAccessDeniedHandler(http); if (accessDeniedHandler != null) { filter.setAccessDeniedHandler(accessDeniedHandler); } LogoutConfigurer<H> logoutConfigurer = http.getConfigurer(LogoutConfigurer.class); if (logoutConfigurer != null) { logoutConfigurer .addLogoutHandler(new CsrfLogoutHandler(this.csrfTokenRepository)); } SessionManagementConfigurer<H> sessionConfigurer = http .getConfigurer(SessionManagementConfigurer.class); if (sessionConfigurer != null) { sessionConfigurer.addSessionAuthenticationStrategy( new CsrfAuthenticationStrategy(this.csrfTokenRepository)); } filter = postProcess(filter); http.addFilter(filter); }
@Override public void configure(B http) throws Exception { PortMapper portMapper = http.getSharedObject(PortMapper.class); if (portMapper != null) { authenticationEntryPoint.setPortMapper(portMapper); } RequestCache requestCache = http.getSharedObject(RequestCache.class); if (requestCache != null) { this.defaultSuccessHandler.setRequestCache(requestCache); } authFilter.setAuthenticationManager(http .getSharedObject(AuthenticationManager.class)); authFilter.setAuthenticationSuccessHandler(successHandler); authFilter.setAuthenticationFailureHandler(failureHandler); if (authenticationDetailsSource != null) { authFilter.setAuthenticationDetailsSource(authenticationDetailsSource); } SessionAuthenticationStrategy sessionAuthenticationStrategy = http .getSharedObject(SessionAuthenticationStrategy.class); if (sessionAuthenticationStrategy != null) { authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy); } RememberMeServices rememberMeServices = http .getSharedObject(RememberMeServices.class); if (rememberMeServices != null) { authFilter.setRememberMeServices(rememberMeServices); } F filter = postProcess(authFilter); http.addFilter(filter); }