/** * Creates a new instance * @throws Exception * @see HttpSecurity#httpBasic() */ public HttpBasicConfigurer() throws Exception { realmName(DEFAULT_REALM); LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>(); entryPoints.put(X_REQUESTED_WITH, new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); DelegatingAuthenticationEntryPoint defaultEntryPoint = new DelegatingAuthenticationEntryPoint( entryPoints); defaultEntryPoint.setDefaultEntryPoint(this.basicAuthEntryPoint); this.authenticationEntryPoint = defaultEntryPoint; }
/** * Creates a new instance * @throws Exception * @see HttpSecurity#httpBasic() */ public HttpBasicConfigurer() throws Exception { realmName(DEFAULT_REALM); LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>(); entryPoints.put(X_REQUESTED_WITH, new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); DelegatingAuthenticationEntryPoint defaultEntryPoint = new DelegatingAuthenticationEntryPoint( entryPoints); defaultEntryPoint.setDefaultEntryPoint(this.basicAuthEntryPoint); this.authenticationEntryPoint = defaultEntryPoint; }
@Bean AuthenticationEntryPoint forbiddenEntryPoint() { return new HttpStatusEntryPoint(FORBIDDEN); }
/** * Creates a new instance * @throws Exception * @see HttpSecurity#httpBasic() */ public HttpBasicConfigurer() throws Exception { realmName(DEFAULT_REALM); LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>(); entryPoints.put(X_REQUESTED_WITH, new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); DelegatingAuthenticationEntryPoint defaultEntryPoint = new DelegatingAuthenticationEntryPoint( entryPoints); defaultEntryPoint.setDefaultEntryPoint(this.basicAuthEntryPoint); this.authenticationEntryPoint = defaultEntryPoint; }
@Override public void configure(HttpSecurity http) throws Exception { http.antMatcher("/ui/**").authorizeRequests().antMatchers("/ui/test") .permitAll().anyRequest().authenticated().and().exceptionHandling() .authenticationEntryPoint( new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); }
private void addAuthenticationEntryPoint(HttpSecurity http, OAuth2SsoProperties sso) throws Exception { ExceptionHandlingConfigurer<HttpSecurity> exceptions = http.exceptionHandling(); ContentNegotiationStrategy contentNegotiationStrategy = http .getSharedObject(ContentNegotiationStrategy.class); if (contentNegotiationStrategy == null) { contentNegotiationStrategy = new HeaderContentNegotiationStrategy(); } MediaTypeRequestMatcher preferredMatcher = new MediaTypeRequestMatcher( contentNegotiationStrategy, MediaType.APPLICATION_XHTML_XML, new MediaType("image", "*"), MediaType.TEXT_HTML, MediaType.TEXT_PLAIN); preferredMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL)); exceptions.defaultAuthenticationEntryPointFor( new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()), preferredMatcher); // When multiple entry points are provided the default is the first one exceptions.defaultAuthenticationEntryPointFor( new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest")); }
private void addAuthenticationEntryPoint(HttpSecurity http, OAuth2SsoProperties sso) throws Exception { ExceptionHandlingConfigurer<HttpSecurity> exceptions = http.exceptionHandling(); ContentNegotiationStrategy contentNegotiationStrategy = http .getSharedObject(ContentNegotiationStrategy.class); if (contentNegotiationStrategy == null) { contentNegotiationStrategy = new HeaderContentNegotiationStrategy(); } MediaTypeRequestMatcher preferredMatcher = new MediaTypeRequestMatcher( contentNegotiationStrategy, MediaType.APPLICATION_XHTML_XML, new MediaType("image", "*"), MediaType.TEXT_HTML, MediaType.TEXT_PLAIN); preferredMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL)); exceptions.defaultAuthenticationEntryPointFor( new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()), preferredMatcher); // When multiple entry points are provided the default is the first one exceptions.defaultAuthenticationEntryPointFor( new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest")); }