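/**
 * Registers the CORS filter with the security filter chain, if one is available.
 *
 * <p>The instance returned by {@code getCorsFilter()} is the one that is null-checked, so it is
 * also the one registered. Registering {@code this.corsFilter} would bypass that check whenever
 * {@code getCorsFilter()} returns an instance other than the field (for example one it builds on
 * demand; TODO confirm against getCorsFilter()), putting a {@code null} or different filter in
 * the CORS slot.
 *
 * @param http the security builder that receives the filter at {@link SecurityWebFiltersOrder#CORS}
 */
protected void configure(ServerHttpSecurity http) {
    CorsWebFilter corsFilter = getCorsFilter();
    if (corsFilter == null) {
        // Nothing resolved: leave the chain without a CORS filter rather than registering null.
        return;
    }
    http.addFilterAt(corsFilter, SecurityWebFiltersOrder.CORS);
}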
/**
 * Wires the logout handler into the logout filter and registers that filter in the chain.
 *
 * @param http the security builder that receives the filter at {@link SecurityWebFiltersOrder#LOGOUT}
 */
protected void configure(ServerHttpSecurity http) {
    // The filter's handler is replaced only when createLogoutHandler() yields one.
    createLogoutHandler().ifPresent(this.logoutWebFilter::setLogoutHandler);
    http.addFilterAt(this.logoutWebFilter, SecurityWebFiltersOrder.LOGOUT);
}
/**
 * Builds the authorization filter from the accumulated rules and registers it in the chain.
 *
 * <p>Fails closed: a non-null {@code matcher} at this point has no access rule attached, so
 * configuration is aborted instead of continuing with a matcher that has no rule.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#AUTHORIZATION}
 * @throws IllegalStateException if a matcher was declared without an access rule
 */
protected void configure(ServerHttpSecurity http) {
    boolean danglingMatcher = this.matcher != null;
    if (danglingMatcher) {
        throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined");
    }
    http.addFilterAt(new AuthorizationWebFilter(this.managerBldr.build()), SecurityWebFiltersOrder.AUTHORIZATION);
}
/**
 * Registers the anonymous-authentication filter, creating one from the configured key,
 * principal and authorities when no filter has been set yet.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#ANONYMOUS_AUTHENTICATION}
 */
protected void configure(ServerHttpSecurity http) {
    if (authenticationFilter == null) {
        // No filter supplied: fall back to one built from this configurer's own settings.
        AnonymousAuthenticationWebFilter fallback =
                new AnonymousAuthenticationWebFilter(getKey(), principal, authorities);
        authenticationFilter = fallback;
    }
    http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.ANONYMOUS_AUTHENTICATION);
}
/**
 * Registers the CSRF filter and, when a token repository is configured, shares that repository
 * with both the filter and the logout configuration.
 *
 * <p>With a repository present, a {@code CsrfServerLogoutHandler} backed by the same repository
 * is added to the logout handlers, so logout and CSRF handling work against one token store.
 *
 * @param http the security builder that receives the filter at {@link SecurityWebFiltersOrder#CSRF}
 */
protected void configure(ServerHttpSecurity http) {
    if (this.csrfTokenRepository != null) {
        this.filter.setCsrfTokenRepository(this.csrfTokenRepository);
        http.logout().addLogoutHandler(new CsrfServerLogoutHandler(this.csrfTokenRepository));
    }
    http.addFilterAt(this.filter, SecurityWebFiltersOrder.CSRF);
}
/**
 * Combines the configured header writers into one composite writer and registers the filter
 * that applies it.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#HTTP_HEADERS_WRITER}
 */
protected void configure(ServerHttpSecurity http) {
    HttpHeaderWriterWebFilter headersFilter =
            new HttpHeaderWriterWebFilter(new CompositeServerHttpHeadersWriter(this.writers));
    http.addFilterAt(headersFilter, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER);
}
/**
 * Creates the request-cache filter, points it at the configured request cache and registers it.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#SERVER_REQUEST_CACHE}
 */
protected void configure(ServerHttpSecurity http) {
    ServerRequestCacheWebFilter cacheFilter = new ServerRequestCacheWebFilter();
    cacheFilter.setRequestCache(this.requestCache);
    http.addFilterAt(cacheFilter, SecurityWebFiltersOrder.SERVER_REQUEST_CACHE);
}
/**
 * Registers the two filters that drive the OAuth2 authorization-code flow: the filter that
 * handles the code grant and the filter that redirects to the authorization endpoint.
 *
 * @param http the security builder that receives both filters
 */
protected void configure(ServerHttpSecurity http) {
    // Collaborators are resolved first, in this order, before any filter is constructed.
    ReactiveClientRegistrationRepository registrations = getClientRegistrationRepository();
    ServerOAuth2AuthorizedClientRepository authorizedClients = getAuthorizedClientRepository();
    ServerAuthenticationConverter converter = getAuthenticationConverter();
    ReactiveAuthenticationManager manager = getAuthenticationManager();

    OAuth2AuthorizationCodeGrantWebFilter grantFilter =
            new OAuth2AuthorizationCodeGrantWebFilter(manager, converter, authorizedClients);
    OAuth2AuthorizationRequestRedirectWebFilter redirectFilter =
            new OAuth2AuthorizationRequestRedirectWebFilter(registrations);

    http.addFilterAt(grantFilter, SecurityWebFiltersOrder.OAUTH2_AUTHORIZATION_CODE);
    // NOTE(review): the redirect filter is placed at the HTTP_BASIC position; confirm that
    // slot is the intended one for it.
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
}
/**
 * Creates the HTTPS-redirect filter, applies the optional matcher and port mapper, and
 * registers it.
 *
 * <p>When no matcher is configured the filter keeps its own default for deciding which
 * exchanges require a redirect; the same holds for the port mapper.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#HTTPS_REDIRECT}
 */
protected void configure(ServerHttpSecurity http) {
    HttpsRedirectWebFilter redirectFilter = new HttpsRedirectWebFilter();
    boolean customMatcher = this.serverWebExchangeMatcher != null;
    if (customMatcher) {
        redirectFilter.setRequiresHttpsRedirectMatcher(this.serverWebExchangeMatcher);
    }
    boolean customPorts = this.portMapper != null;
    if (customPorts) {
        redirectFilter.setPortMapper(this.portMapper);
    }
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTPS_REDIRECT);
}
/**
 * Installs the generated login and logout pages when the application has not supplied its own
 * authentication entry point.
 *
 * <p>Nothing is registered when an entry point is set on the builder, when form login uses an
 * explicit entry point, or when neither form login nor OAuth2 login is configured.
 *
 * @param http the security builder whose form-login and OAuth2-login settings are inspected
 */
protected void configure(ServerHttpSecurity http) {
    boolean hasFormLogin = http.formLogin != null;
    boolean hasOauth2Login = http.oauth2Login != null;

    // An explicitly chosen entry point means the generated pages must not be added.
    if (http.authenticationEntryPoint != null || (hasFormLogin && http.formLogin.isEntryPointExplicit)) {
        return;
    }
    if (!hasFormLogin && !hasOauth2Login) {
        return;
    }

    LoginPageGeneratingWebFilter generatedLogin = new LoginPageGeneratingWebFilter();
    if (hasFormLogin) {
        generatedLogin.setFormLoginEnabled(true);
    }
    if (hasOauth2Login) {
        Map<String, String> clientLinks = http.oauth2Login.getLinks();
        generatedLogin.setOauth2AuthenticationUrlToClientName(clientLinks);
    }
    http.addFilterAt(generatedLogin, SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
    http.addFilterAt(new LogoutPageGeneratingWebFilter(), SecurityWebFiltersOrder.LOGOUT_PAGE_GENERATING);
}
/**
 * Registers HTTP Basic authentication: adds a default entry point for the listed request media
 * types and installs the authentication filter at the HTTP_BASIC position.
 *
 * <p>Authentication failures are handed to the same entry point that is registered as the
 * default for those media types. The security context repository is only overridden when one
 * was configured.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#HTTP_BASIC}
 */
protected void configure(ServerHttpSecurity http) {
    MediaTypeServerWebExchangeMatcher dataRequestMatcher = new MediaTypeServerWebExchangeMatcher(
            MediaType.APPLICATION_ATOM_XML,
            MediaType.APPLICATION_FORM_URLENCODED,
            MediaType.APPLICATION_JSON,
            MediaType.APPLICATION_OCTET_STREAM,
            MediaType.APPLICATION_XML,
            MediaType.MULTIPART_FORM_DATA,
            MediaType.TEXT_XML);
    // The wildcard type is ignored so that it does not count as a match for this entry point.
    dataRequestMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    ServerHttpSecurity.this.defaultEntryPoints.add(new DelegateEntry(dataRequestMatcher, this.entryPoint));

    AuthenticationWebFilter basicFilter = new AuthenticationWebFilter(this.authenticationManager);
    ServerAuthenticationEntryPointFailureHandler failureHandler =
            new ServerAuthenticationEntryPointFailureHandler(this.entryPoint);
    basicFilter.setAuthenticationFailureHandler(failureHandler);
    basicFilter.setAuthenticationConverter(new ServerHttpBasicAuthenticationConverter());
    boolean customContextRepository = this.securityContextRepository != null;
    if (customContextRepository) {
        basicFilter.setSecurityContextRepository(this.securityContextRepository);
    }
    http.addFilterAt(basicFilter, SecurityWebFiltersOrder.HTTP_BASIC);
}
/**
 * Registers OAuth2 login: the authorization-request redirect filter, the login authentication
 * filter, and a default entry point for HTML requests.
 *
 * <p>The entry point redirects straight to the single client link when exactly one is
 * configured, and to {@code /login} otherwise. Authentication failures are propagated as an
 * error signal rather than handled here, and the security context is stored in the web session.
 *
 * @param http the security builder that receives the filters and the default entry point
 */
protected void configure(ServerHttpSecurity http) {
    // Collaborators are resolved first, in this order, before any filter is configured.
    ReactiveClientRegistrationRepository registrations = getClientRegistrationRepository();
    ServerOAuth2AuthorizedClientRepository authorizedClients = getAuthorizedClientRepository();
    OAuth2AuthorizationRequestRedirectWebFilter redirectFilter = getRedirectWebFilter();
    ReactiveAuthenticationManager authManager = getAuthenticationManager();

    AuthenticationWebFilter loginFilter = new OAuth2LoginAuthenticationWebFilter(authManager, authorizedClients);
    loginFilter.setRequiresAuthenticationMatcher(getAuthenticationMatcher());
    loginFilter.setServerAuthenticationConverter(getAuthenticationConverter(registrations));

    RedirectServerAuthenticationSuccessHandler successHandler = new RedirectServerAuthenticationSuccessHandler();
    loginFilter.setAuthenticationSuccessHandler(successHandler);
    loginFilter.setAuthenticationFailureHandler(new ServerAuthenticationFailureHandler() {
        @Override
        public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
                AuthenticationException exception) {
            // Surface the failure downstream instead of completing the exchange here.
            return Mono.error(exception);
        }
    });
    loginFilter.setSecurityContextRepository(new WebSessionServerSecurityContextRepository());

    MediaTypeServerWebExchangeMatcher browserMatcher = new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML);
    browserMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));

    Map<String, String> clientLinks = http.oauth2Login.getLinks();
    // With a single configured client there is nothing to choose, so skip the login page.
    String entryPointLocation = (clientLinks.size() == 1)
            ? clientLinks.keySet().iterator().next()
            : "/login";
    http.defaultEntryPoints.add(
            new DelegateEntry(browserMatcher, new RedirectServerAuthenticationEntryPoint(entryPointLocation)));

    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
    http.addFilterAt(loginFilter, SecurityWebFiltersOrder.AUTHENTICATION);
}
/**
 * Registers bearer-token authentication: shares the token converter with the bearer-token
 * matcher, registers the default access-denied handler, entry point and CSRF override, and
 * installs the authentication filter.
 *
 * <p>Authentication failures are routed to {@code entryPoint} through a
 * {@code ServerAuthenticationEntryPointFailureHandler}.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#AUTHENTICATION}
 */
protected void configure(ServerHttpSecurity http) {
    // The matcher and the filter below use the same converter instance.
    this.bearerTokenServerWebExchangeMatcher.setBearerTokenConverter(bearerTokenConverter);

    registerDefaultAccessDeniedHandler(http);
    registerDefaultAuthenticationEntryPoint(http);
    registerDefaultCsrfOverride(http);

    ReactiveAuthenticationManager manager = getAuthenticationManager();
    AuthenticationWebFilter bearerFilter = new AuthenticationWebFilter(manager);
    bearerFilter.setServerAuthenticationConverter(bearerTokenConverter);
    ServerAuthenticationEntryPointFailureHandler failureHandler =
            new ServerAuthenticationEntryPointFailureHandler(entryPoint);
    bearerFilter.setAuthenticationFailureHandler(failureHandler);
    http.addFilterAt(bearerFilter, SecurityWebFiltersOrder.AUTHENTICATION);
}
/**
 * Registers form login: settles the entry point, shares the request cache, adds the HTML
 * default entry point and installs the form-login authentication filter.
 *
 * <p>When no entry point was configured the flag {@code isEntryPointExplicit} is cleared and
 * {@code loginPage("/login")} is applied; otherwise the flag is set. The HTML entry point is
 * inserted at index 0 of the default entry points.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#FORM_LOGIN}
 */
protected void configure(ServerHttpSecurity http) {
    this.isEntryPointExplicit = this.authenticationEntryPoint != null;
    if (!this.isEntryPointExplicit) {
        loginPage("/login");
    }

    if (http.requestCache != null) {
        // The success handler and the default entry point use the builder's request cache.
        ServerRequestCache sharedCache = http.requestCache.requestCache;
        this.defaultSuccessHandler.setRequestCache(sharedCache);
        if (this.defaultEntryPoint != null) {
            this.defaultEntryPoint.setRequestCache(sharedCache);
        }
    }

    MediaTypeServerWebExchangeMatcher browserMatcher = new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML);
    browserMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    ServerHttpSecurity.this.defaultEntryPoints.add(0, new DelegateEntry(browserMatcher, this.authenticationEntryPoint));

    AuthenticationWebFilter formLoginFilter = new AuthenticationWebFilter(this.authenticationManager);
    formLoginFilter.setRequiresAuthenticationMatcher(this.requiresAuthenticationMatcher);
    formLoginFilter.setAuthenticationFailureHandler(this.authenticationFailureHandler);
    formLoginFilter.setAuthenticationConverter(new ServerFormLoginAuthenticationConverter());
    formLoginFilter.setAuthenticationSuccessHandler(this.authenticationSuccessHandler);
    formLoginFilter.setSecurityContextRepository(this.securityContextRepository);
    http.addFilterAt(formLoginFilter, SecurityWebFiltersOrder.FORM_LOGIN);
}
this.addFilterAt(new SecurityContextServerWebExchangeWebFilter(), SecurityWebFiltersOrder.SECURITY_CONTEXT_SERVER_WEB_EXCHANGE); if (this.authorizeExchange != null) { ServerAuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint(); accessDeniedHandler); this.addFilterAt(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION); this.authorizeExchange.configure(this);
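/**
 * Registers the CORS filter with the security filter chain, if one is available.
 *
 * <p>The instance returned by {@code getCorsFilter()} is the one that is null-checked, so it is
 * also the one registered. Registering {@code this.corsFilter} would bypass that check whenever
 * {@code getCorsFilter()} returns an instance other than the field (for example one it builds on
 * demand; TODO confirm against getCorsFilter()), putting a {@code null} or different filter in
 * the CORS slot.
 *
 * @param http the security builder that receives the filter at {@link SecurityWebFiltersOrder#CORS}
 */
protected void configure(ServerHttpSecurity http) {
    CorsWebFilter corsFilter = getCorsFilter();
    if (corsFilter == null) {
        // Nothing resolved: leave the chain without a CORS filter rather than registering null.
        return;
    }
    http.addFilterAt(corsFilter, SecurityWebFiltersOrder.CORS);
}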
/**
 * Builds the authorization filter from the accumulated rules and registers it in the chain.
 *
 * <p>Fails closed: a non-null {@code matcher} at this point has no access rule attached, so
 * configuration is aborted instead of continuing with a matcher that has no rule.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#AUTHORIZATION}
 * @throws IllegalStateException if a matcher was declared without an access rule
 */
protected void configure(ServerHttpSecurity http) {
    boolean danglingMatcher = this.matcher != null;
    if (danglingMatcher) {
        throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined");
    }
    http.addFilterAt(new AuthorizationWebFilter(this.managerBldr.build()), SecurityWebFiltersOrder.AUTHORIZATION);
}
/**
 * Combines the configured header writers into one composite writer and registers the filter
 * that applies it.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#HTTP_HEADERS_WRITER}
 */
protected void configure(ServerHttpSecurity http) {
    HttpHeaderWriterWebFilter headersFilter =
            new HttpHeaderWriterWebFilter(new CompositeServerHttpHeadersWriter(this.writers));
    http.addFilterAt(headersFilter, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER);
}
/**
 * Registers the CSRF filter and, when a token repository is configured, shares that repository
 * with both the filter and the logout configuration.
 *
 * <p>With a repository present, a {@code CsrfServerLogoutHandler} backed by the same repository
 * is added to the logout handlers, so logout and CSRF handling work against one token store.
 *
 * @param http the security builder that receives the filter at {@link SecurityWebFiltersOrder#CSRF}
 */
protected void configure(ServerHttpSecurity http) {
    if (this.csrfTokenRepository != null) {
        this.filter.setCsrfTokenRepository(this.csrfTokenRepository);
        http.logout().addLogoutHandler(new CsrfServerLogoutHandler(this.csrfTokenRepository));
    }
    http.addFilterAt(this.filter, SecurityWebFiltersOrder.CSRF);
}
/**
 * Creates the HTTPS-redirect filter, applies the optional matcher and port mapper, and
 * registers it.
 *
 * <p>When no matcher is configured the filter keeps its own default for deciding which
 * exchanges require a redirect; the same holds for the port mapper.
 *
 * @param http the security builder that receives the filter at
 *     {@link SecurityWebFiltersOrder#HTTPS_REDIRECT}
 */
protected void configure(ServerHttpSecurity http) {
    HttpsRedirectWebFilter redirectFilter = new HttpsRedirectWebFilter();
    boolean customMatcher = this.serverWebExchangeMatcher != null;
    if (customMatcher) {
        redirectFilter.setRequiresHttpsRedirectMatcher(this.serverWebExchangeMatcher);
    }
    boolean customPorts = this.portMapper != null;
    if (customPorts) {
        redirectFilter.setPortMapper(this.portMapper);
    }
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTPS_REDIRECT);
}