/**
 * Entry point invoked when an unauthenticated request reaches a protected resource.
 * Clients that negotiate HTML (browsers) are redirected to {@code LOGIN_FORM_URL};
 * every other client receives a bare 403 status with no redirect.
 *
 * @param request        the request that triggered the authentication failure
 * @param response       the response the redirect or error status is written to
 * @param authException  the exception raised by Spring Security (not inspected here)
 * @throws IOException      if writing the redirect or error response fails
 * @throws ServletException propagated from the servlet API
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authException) throws IOException, ServletException {
    // Decide via the Accept header whether the caller wants HTML. With useEquals=false the
    // matcher checks media-type compatibility rather than exact equality, so a wildcard
    // Accept is expected to count as an HTML request as well — confirm against the matcher docs.
    final MediaTypeRequestMatcher wantsHtml = new MediaTypeRequestMatcher(
            new HeaderContentNegotiationStrategy(), MediaType.TEXT_HTML);
    wantsHtml.setUseEquals(false);

    if (!wantsHtml.matches(request)) {
        // Non-browser callers get a status code only, never an HTML redirect.
        // NOTE(review): this answers a *missing* authentication with 403; 401 is the
        // conventional status for that case — verify the choice is deliberate before changing it.
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Browser: send to the login form. contextRelative is left at false, so the target URL
    // is used exactly as configured rather than being rewritten relative to the context path.
    final DefaultRedirectStrategy toLogin = new DefaultRedirectStrategy();
    toLogin.setContextRelative(false);
    toLogin.sendRedirect(request, response, LOGIN_FORM_URL);
}
/**
 * Access-denied handler for requests made by an authenticated principal that lacks the
 * required authority. Browsers (HTML negotiated) are redirected to the {@code /errores/403}
 * page; any other client receives a plain 403 status.
 *
 * @param request               the rejected request
 * @param response              the response the redirect or error status is written to
 * @param accessDeniedException the exception raised by Spring Security (not inspected here)
 * @throws IOException      if writing the redirect or error response fails
 * @throws ServletException propagated from the servlet API
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
        AccessDeniedException accessDeniedException) throws IOException, ServletException {
    // Accept-header negotiation; useEquals=false matches on media-type compatibility
    // rather than exact equality.
    final MediaTypeRequestMatcher wantsHtml = new MediaTypeRequestMatcher(
            new HeaderContentNegotiationStrategy(), MediaType.TEXT_HTML);
    wantsHtml.setUseEquals(false);

    if (!wantsHtml.matches(request)) {
        // API/non-browser callers: status code only, no HTML error page.
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    // Browser: show the dedicated 403 error page. The redirect target is used as configured;
    // contextRelative stays false so it is not rewritten against the context path.
    final DefaultRedirectStrategy toErrorPage = new DefaultRedirectStrategy();
    toErrorPage.setContextRelative(false);
    toErrorPage.sendRedirect(request, response, "/errores/403");
}
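/**
 * Builds the HTTP security chain for the dashboard UI and its REST endpoints.
 * <p>
 * Fixes relative to the previous version: CSRF protection was disabled twice (once in the
 * main builder chain and again after the session filter was registered), and the URL
 * authorization rules were split across two {@code authorizeRequests()} calls; both are now
 * expressed once, in the same registration order, so the resulting configuration is unchanged.
 *
 * @param http the builder supplied by Spring Security
 * @throws Exception propagated from the builder API and from {@code afterPropertiesSet()}
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Distinguishes browser navigation (Accept: text/html) from API clients.
    final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
            contentNegotiationStrategy, MediaType.TEXT_HTML);
    final String loginPage = dashboard("/#/login");

    // API clients are challenged with HTTP Basic; the realm comes from the security properties.
    final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
    basicAuthenticationEntryPoint.afterPropertiesSet();

    // CSRF protection is disabled once; a further csrf().disable() later in this method would be a no-op.
    // The session token is carried in a request header (HeaderHttpSessionStrategy below), not in a
    // cookie the browser attaches automatically, which is what makes this defensible for session-based
    // calls. NOTE(review): httpBasic() is also enabled and browsers may resend cached Basic credentials
    // on their own — confirm that trade-off is acceptable for this deployment.
    http.csrf().disable();

    // URL authorization, most specific rule first; anyRequest() must stay last.
    http.authorizeRequests()
        .antMatchers("/").authenticated()
        .antMatchers(dashboard("/**"), "/authenticate", "/security/info", "/features", "/assets/**")
            .permitAll()
        .anyRequest().authenticated();

    http.formLogin()
        .loginPage(loginPage)
        .loginProcessingUrl(dashboard("/login"))
        .defaultSuccessUrl(dashboard("/"))
        .permitAll();

    http.logout()
        .logoutUrl(dashboard("/logout"))
        .logoutSuccessUrl(dashboard("/logout-success.html"))
        // The handler takes precedence over logoutSuccessUrl: logout answers with a status code only.
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
        .permitAll();

    http.httpBasic();

    // Entry points are consulted in registration order: browsers are redirected to the login
    // page, everything else receives the Basic challenge.
    http.exceptionHandling()
        .defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint(loginPage), textHtmlMatcher)
        .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, AnyRequestMatcher.INSTANCE);

    // Spring Session: the session id is resolved from a request header instead of a cookie.
    final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter =
            new SessionRepositoryFilter<ExpiringSession>(sessionRepository());
    sessionRepositoryFilter.setHttpSessionStrategy(new HeaderHttpSessionStrategy());
    http.addFilterBefore(sessionRepositoryFilter, ChannelProcessingFilter.class);

    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}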