Examples of org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

• org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
  Processes an authentication form submission. Called {@code AuthenticationProcessingFilter} prior to Spring Security3.0.

  Login forms must present two parameters to this filter: a username and password. The default parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}. The parameter names can also be changed by setting the {@code usernameParameter} and {@code passwordParameter}properties.

  This filter by default responds to the URL {@code /j_spring_security_check}. @author Ben Alex @author Colin Sampaleanu @author Luke Taylor @since 3.0

            @Inject @Value( "${spring-security.check.url}" ) final String authUrl,
            @Inject @Value( "${spring-security.target.url}" ) final String targetUrl,
            @Inject @Value( "${spring-security.failure.url}" ) final String failureUrl,
            @Inject @Value( "${spring-security.always.use.target.url}" ) final String alwaysUseTargetUrl ) throws Exception {

        UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
        filter.setAuthenticationManager( manager );

        filter.setPostOnly(false);

        filter.setAuthenticationFailureHandler( new SimpleUrlAuthenticationFailureHandler(failureUrl) );

        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setDefaultTargetUrl(targetUrl);
        successHandler.setAlwaysUseDefaultTargetUrl( Boolean.parseBoolean( alwaysUseTargetUrl ) );
        filter.setAuthenticationSuccessHandler( successHandler);
    filter.setFilterProcessesUrl(targetUrl);
        filter.setFilterProcessesUrl( authUrl );
        filter.setRememberMeServices( rememberMeServices );

        filter.afterPropertiesSet();
        return filter;
    }

            @Inject @Value( "${spring-security.check.url}" ) final String authUrl,
            @Inject @Value( "${spring-security.target.url}" ) final String targetUrl,
            @Inject @Value( "${spring-security.failure.url}" ) final String failureUrl,
            @Inject @Value( "${spring-security.always.use.target.url}" ) final String alwaysUseTargetUrl ) throws Exception {

        UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
        filter.setAuthenticationManager( manager );

        filter.setPostOnly(false);

        filter.setAuthenticationFailureHandler( new SimpleUrlAuthenticationFailureHandler(failureUrl) );

        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setDefaultTargetUrl(targetUrl);
        successHandler.setAlwaysUseDefaultTargetUrl( Boolean.parseBoolean( alwaysUseTargetUrl ) );
        filter.setAuthenticationSuccessHandler( successHandler);
    filter.setRequiresAuthenticationRequestMatcher(new RequestMatcher() {

          // copied from AbstractAuthenticationProcessingFilter
      @Override
      public boolean matches(HttpServletRequest request) {
        String uri = request.getRequestURI();
              int pathParamIndex = uri.indexOf(';');

              if (pathParamIndex > 0) {
                  // strip everything after the first semi-colon
                  uri = uri.substring(0, pathParamIndex);
              }

              if ("".equals(request.getContextPath())) {
                  return uri.endsWith(authUrl);
              }

              return uri.endsWith(request.getContextPath() + authUrl);
      }
    });
        filter.setRememberMeServices( rememberMeServices );

        filter.afterPropertiesSet();
        return filter;
    }

    /**
     * Creates a new instance
     * @see HttpSecurity#formLogin()
     */
    public FormLoginConfigurer() {
        super(new UsernamePasswordAuthenticationFilter(),null);
        usernameParameter("username");
        passwordParameter("password");
    }

            loginPageGeneratingFilter.setAuthenticationUrl(getLoginProcessingUrl());
        }
    }

    private static UsernamePasswordAuthenticationFilter createUsernamePasswordAuthenticationFilter() {
        return new UsernamePasswordAuthenticationFilter() {
            @Override
            protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) {
                return "POST".equals(request.getMethod()) && super.requiresAuthentication(request, response);
            }
        };

        }

        RememberMeServices rms = securityManager.getRememberMeService();

        // add login filter
        UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter() {
            @Override
            protected boolean requiresAuthentication(HttpServletRequest request,
                    HttpServletResponse response) {

                for (String pathInfo:pathInfos) {
                    if (getRequestPath(request).startsWith(pathInfo))
                        return true;

                }
                return false;
            }
        };


        filter.setPasswordParameter(upConfig.getPasswordParameterName());
        filter.setUsernameParameter(upConfig.getUsernameParameterName());
        filter.setAuthenticationManager(getSecurityManager());

        filter.setRememberMeServices(rms);
        GeoServerWebAuthenticationDetailsSource s = new GeoServerWebAuthenticationDetailsSource();
        filter.setAuthenticationDetailsSource(s);

        filter.setAllowSessionCreation(false);
        //filter.setFilterProcessesUrl(URL_FOR_LOGIN);

        SimpleUrlAuthenticationSuccessHandler successHandler = new SimpleUrlAuthenticationSuccessHandler();
        successHandler.setDefaultTargetUrl(URL_LOGIN_SUCCCESS);
        filter.setAuthenticationSuccessHandler(successHandler);

        SimpleUrlAuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();
        // TODO, check this when using encrypting of URL parameters
        failureHandler
                .setDefaultFailureUrl(URL_LOGIN_FAILURE);
        filter.setAuthenticationFailureHandler(failureHandler);

        //filter.afterPropertiesSet();
        getNestedFilters().add(filter);
    }

    }

    @Bean
    @Autowired
    public Filter authenticationFilter(AuthenticationManager authenticationManager, RequestCache requestCache) {
        UsernamePasswordAuthenticationFilter authenticationFilter = new UsernamePasswordAuthenticationFilter();
        authenticationFilter.setFilterProcessesUrl(applicationUrl("/j_spring_security_check"));
        authenticationFilter.setAuthenticationManager(authenticationManager);
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setRequestCache(requestCache);
        authenticationFilter.setAuthenticationSuccessHandler(successHandler);
        authenticationFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(applicationUrl("/login?login_error=1")));
        return authenticationFilter;
    }