@Override public void configure(HttpSecurity http) throws Exception { PreAuthenticatedAuthenticationProvider casAuthenticationProvider = new PreAuthenticatedAuthenticationProvider(); casAuthenticationProvider.setPreAuthenticatedUserDetailsService( new UserDetailsByNameServiceWrapper<>(peticionamentoUserDetailService.orElseThrow(() -> SingularServerException.rethrow( String.format("Bean %s do tipo %s não pode ser nulo. Para utilizar a configuração de segurança %s é preciso declarar um bean do tipo %s identificado pelo nome %s .", UserDetailsService.class.getName(), "peticionamentoUserDetailService", SingularCASSpringSecurityConfig.class.getName(), UserDetailsService.class.getName(), "peticionamentoUserDetailService" )) ) ) ); ProviderManager authenticationManager = new ProviderManager(Arrays.asList(new AuthenticationProvider[]{casAuthenticationProvider})); J2eePreAuthenticatedProcessingFilter j2eeFilter = new J2eePreAuthenticatedProcessingFilter(); j2eeFilter.setAuthenticationManager(authenticationManager); http .regexMatcher(getContext().getPathRegex()) .httpBasic().authenticationEntryPoint(new Http403ForbiddenEntryPoint()) .and() .csrf().disable() .headers().frameOptions().sameOrigin() .and() .jee().j2eePreAuthenticatedProcessingFilter(j2eeFilter) .and() .authorizeRequests() .antMatchers(getContext().getContextPath()).authenticated(); }
/** * Gets the j 2 ee pre authenticated processing filter. * * @return the j 2 ee pre authenticated processing filter */ @Bean(name = "j2eePreAuthenticatedProcessingFilter") public J2eePreAuthenticatedProcessingFilter getJ2eePreAuthenticatedProcessingFilter() { J2eePreAuthenticatedProcessingFilter filter = new J2eePreAuthenticatedProcessingFilter(); filter.setAuthenticationManager(getProviderManager()); filter.setAuthenticationDetailsSource( getJ2eeBasedPreAuthenticatedWebAuthenticationDetailsSource()); return filter; }
@SuppressWarnings("ProhibitedExceptionDeclared") @Override public void customize(final HttpSecurity http, final AuthenticationManager authenticationManager) throws Exception { final J2eePreAuthenticatedProcessingFilter filter = new J2eePreAuthenticatedProcessingFilter(); filter.setAuthenticationManager(authenticationManager); http.addFilter(filter); }