@Bean public UserDetailsByNameServiceWrapper authenticationUserDetailsService( final UserDetailsService userDetailsService){ return new UserDetailsByNameServiceWrapper(){{ setUserDetailsService(userDetailsService); }}; }
@Bean public PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider() { final PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider(); provider.setPreAuthenticatedUserDetailsService( new UserDetailsByNameServiceWrapper<>(userDetailsService())); return provider; }
public X509WebSecurityConfigurationAdapter() { super(); if (!useStandardSSL) { userDetailsService = new X509HeaderUserDetailsService(); UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken> wrapper = new UserDetailsByNameServiceWrapper<>(userDetailsService); preAuthenticatedProvider = new PreAuthenticatedAuthenticationProvider(); preAuthenticatedProvider.setPreAuthenticatedUserDetailsService(wrapper); } }
@Override public void configure(HttpSecurity http) throws Exception { PreAuthenticatedAuthenticationProvider casAuthenticationProvider = new PreAuthenticatedAuthenticationProvider(); casAuthenticationProvider.setPreAuthenticatedUserDetailsService( new UserDetailsByNameServiceWrapper<>(peticionamentoUserDetailService.orElseThrow(() -> SingularServerException.rethrow( String.format("Bean %s do tipo %s não pode ser nulo. Para utilizar a configuração de segurança %s é preciso declarar um bean do tipo %s identificado pelo nome %s .", UserDetailsService.class.getName(), "peticionamentoUserDetailService", SingularCASSpringSecurityConfig.class.getName(), UserDetailsService.class.getName(), "peticionamentoUserDetailService" )) ) ) ); ProviderManager authenticationManager = new ProviderManager(Arrays.asList(new AuthenticationProvider[]{casAuthenticationProvider})); J2eePreAuthenticatedProcessingFilter j2eeFilter = new J2eePreAuthenticatedProcessingFilter(); j2eeFilter.setAuthenticationManager(authenticationManager); http .regexMatcher(getContext().getPathRegex()) .httpBasic().authenticationEntryPoint(new Http403ForbiddenEntryPoint()) .and() .csrf().disable() .headers().frameOptions().sameOrigin() .and() .jee().j2eePreAuthenticatedProcessingFilter(j2eeFilter) .and() .authorizeRequests() .antMatchers(getContext().getContextPath()).authenticated(); }
@Bean @ConditionalOnMissingBean(CasAuthenticationProvider.class) public CasAuthenticationProvider casAuthenticationProvider(){ CasAuthenticationProvider casProvider = new CasAuthenticationProvider(); casProvider.setAuthenticationUserDetailsService(new UserDetailsByNameServiceWrapper<>(userDetailsService)); casProvider.setServiceProperties(serviceProperties()); casProvider.setTicketValidator(new Cas20ServiceTicketValidator(bootSecurityConfig.getCas().getCasServerUrl())); casProvider.setKey(bootSecurityConfig.getCas().getKey()); return casProvider; }
@Bean public UserDetailsByNameServiceWrapper authenticationUserDetailsService(final UserDetailsService userDetailsService){ return new UserDetailsByNameServiceWrapper(){{ setUserDetailsService(userDetailsService); }}; }
@Override @SuppressWarnings("unchecked") public void init(InitContext context, BeanFactory beanFactory) { AuthorizationServerConfiguration authServerConfig = beanFactory.get(AuthorizationServerConfiguration.class); TokenStore tokenStore = authServerConfig.getTokenStore(); UserDetailsService userService = authServerConfig.getUserDetailsService(); ClientDetailsService clientService = authServerConfig.getClientDetailsService(); DataSource dataSource = authServerConfig.getDataSource(); PreAuthenticatedAuthenticationProvider preProvider = new PreAuthenticatedAuthenticationProvider(); preProvider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper(userService)); DaoAuthenticationProvider clientAuthProvider = new DaoAuthenticationProvider(); clientAuthProvider.setUserDetailsService(new ClientDetailsUserDetailsService(clientService)); DaoAuthenticationProvider userAuthProvider = new DaoAuthenticationProvider(); userAuthProvider.setUserDetailsService(userService); ProviderManager clientManager = new ProviderManager(singletonList(clientAuthProvider)); ProviderManager userManager = new ProviderManager(asList(userAuthProvider, preProvider)); AuthorizationCodeServices authServices = new InMemoryAuthorizationCodeServices(); OAuth2RequestFactory requestFactory = new DefaultOAuth2RequestFactory(clientService); DefaultTokenServices tokenServices = tokenServices(clientService, userManager, tokenStore, dataSource); TokenGranter tokenGranter = compositeTokenGranter(clientService, userManager, tokenServices, requestFactory, authServices); TokenEndpoint tokenEndpoint = new TokenEndpoint(clientManager, clientService, tokenGranter); TokenStoreUserApprovalHandler userApprovalHandler = new TokenStoreUserApprovalHandler(); userApprovalHandler.setClientDetailsService(clientService); userApprovalHandler.setRequestFactory(requestFactory); userApprovalHandler.setTokenStore(tokenStore); AuthorizationEndpoint authorizationEndpoint = new AuthorizationEndpoint( authServices, clientService, tokenGranter, userApprovalHandler, requestFactory); context.addControllerConfiguration(tokenEndpoint); context.addControllerConfiguration(authorizationEndpoint); context.addExceptionConfiguration(new OAuthExceptionConfiguration()); context.addInterceptor(new AuthenticationInterceptor(clientManager)); context.addInterceptor(new AuthorizationInterceptor()); }
