Examples of FilterSecurityInterceptor

• org.springframework.security.web.access.intercept.FilterSecurityInterceptor
  Performs security handling of HTTP resources via a filter implementation.

  The SecurityMetadataSource required by this security interceptor is of type {@link FilterInvocationSecurityMetadataSource}.

  Refer to {@link AbstractSecurityInterceptor} for details on the workflow.

  @author Ben Alex @author Rob Winch

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

        assertEquals(testBean2, testBean.getSimpleRef());
        assertTrue("testbean should have a testbean added to one of its collections", testBean.getCollectionRef().contains(testBean3));
        assertEquals("astring", testBean.getBasicProp2());
        assertTrue("testBeans doesn't contain 'newString' in its collection of strings", testBean.getCollectionProp().contains("newString"));

        FilterSecurityInterceptor filterSecurityInterceptor = applicationContext.getBean("filterSecurityInterceptor", FilterSecurityInterceptor.class);
        Collection<ConfigAttribute> attributes = filterSecurityInterceptor.getSecurityMetadataSource().getAllConfigAttributes();
        assertInterceptUrl(attributes, "hasRole('Administrator')");
        assertInterceptUrl(attributes, "hasRole('RegisteredUser')");
        assertNotInterceptUrl(attributes, "hasRole('REMOVE')");
        assertNotInterceptUrl(attributes, "hasRole('SET')");
    }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

            if (getFilter(DefaultLoginPageGeneratingFilter.class, filters) != null) {
                logger.debug("Default generated login page is in use");
                return;
            }

            FilterSecurityInterceptor fsi = (FilterSecurityInterceptor) getFilter(FilterSecurityInterceptor.class, filters);
            DefaultFilterInvocationSecurityMetadataSource fids =
                    (DefaultFilterInvocationSecurityMetadataSource) fsi.getSecurityMetadataSource();
            Collection<ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");

            if (attributes == null) {
                logger.debug("No access attributes defined for login page URL");
                if (fsi.isRejectPublicInvocations()) {
                    logger.warn("FilterSecurityInterceptor is configured to reject public invocations." +
                            " Your login page may not be accessible.");
                }
                return;
            }

            AnonymousAuthenticationFilter anonPF = (AnonymousAuthenticationFilter) getFilter(AnonymousAuthenticationFilter.class, filters);
            if (anonPF == null) {
                logger.warn("The login page is being protected by the filter chain, but you don't appear to have" +
                        " anonymous authentication enabled. This is almost certainly an error.");
                return;
            }

            // Simulate an anonymous access with the supplied attributes.
            AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonPF.getUserAttribute().getPassword(),
                            anonPF.getUserAttribute().getAuthorities());
            try {
                fsi.getAccessDecisionManager().decide(token, new Object(), fids.lookupAttributes(loginPage, "POST"));
            } catch (Exception e) {
                logger.warn("Anonymous access to the login page doesn't appear to be enabled. This is almost certainly " +
                        "an error. Please check your configuration allows unauthenticated access to the configured " +
                        "login page. (Simulated access was rejected: " + e + ")");
            }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

        web
            .addSecurityFilterChainBuilder(http)
            .postBuildAction(new Runnable() {
                @Override
                public void run() {
                    FilterSecurityInterceptor securityInterceptor = http.getSharedObject(FilterSecurityInterceptor.class);
                    web.securityInterceptor(securityInterceptor);
                }
            });
    }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

    public void configure(H http) throws Exception {
        FilterInvocationSecurityMetadataSource metadataSource = createMetadataSource();
        if(metadataSource == null) {
            return;
        }
        FilterSecurityInterceptor securityInterceptor = createFilterSecurityInterceptor(metadataSource, http.getAuthenticationManager());
        if(filterSecurityInterceptorOncePerRequest != null) {
            securityInterceptor.setObserveOncePerRequest(filterSecurityInterceptorOncePerRequest);
        }
        securityInterceptor = postProcess(securityInterceptor);
        http.addFilter(securityInterceptor);
        http.setSharedObject(FilterSecurityInterceptor.class, securityInterceptor);
    }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

     * @return the {@link FilterSecurityInterceptor}
     * @throws Exception
     */
    private FilterSecurityInterceptor createFilterSecurityInterceptor(FilterInvocationSecurityMetadataSource metadataSource,
                                                                      AuthenticationManager authenticationManager) throws Exception {
        FilterSecurityInterceptor securityInterceptor = new FilterSecurityInterceptor();
        securityInterceptor.setSecurityMetadataSource(metadataSource);
        securityInterceptor.setAccessDecisionManager(getAccessDecisionManager());
        securityInterceptor.setAuthenticationManager(authenticationManager);
        securityInterceptor.afterPropertiesSet();
        return securityInterceptor;
    }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

        SecurityInterceptorFilterConfig siConfig =
                (SecurityInterceptorFilterConfig) config;

        FilterSecurityInterceptor filter = new FilterSecurityInterceptor();

        filter.setAuthenticationManager(getSecurityManager());

        List<AccessDecisionVoter> voters = new ArrayList<AccessDecisionVoter>();
        RoleVoter roleVoter = new RoleVoter();
        roleVoter.setRolePrefix("");
        voters.add(roleVoter);
        voters.add(new AuthenticatedVoter());
        AffirmativeBased accessDecisionManager = new AffirmativeBased(voters);
        accessDecisionManager.setAllowIfAllAbstainDecisions(siConfig.isAllowIfAllAbstainDecisions());
        filter.setAccessDecisionManager(accessDecisionManager);

        // TODO, Justin, is this correct
        filter.setSecurityMetadataSource((FilterInvocationSecurityMetadataSource)
                    GeoServerExtensions.bean(siConfig.getSecurityMetadataSource()));
        try {
            filter.afterPropertiesSet();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        getNestedFilters().add(filter);
    }

Examples of org.springframework.security.web.access.intercept.FilterSecurityInterceptor

    }

    @Bean
    @Autowired
    public Filter filterSecurityInterceptor(AuthenticationManager authenticationManager) throws Exception {
        FilterSecurityInterceptor filter = new FilterSecurityInterceptor();
        filter.setAuthenticationManager(authenticationManager);
        filter.setAccessDecisionManager(new AffirmativeBased(asList((AccessDecisionVoter) new RoleVoter())));
        filter.setSecurityMetadataSource(securityMetadataSource());
        filter.afterPropertiesSet();
        return filter;
    }