|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B> org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer<H,OpenIDLoginConfigurer<H>,OpenIDAuthenticationFilter> org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer<H>
public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>
Adds support for OpenID based authentication.
@Configuration @EnableWebSecurity public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { http .authorizeRequests() .antMatchers("/**").hasRole("USER") .and() .openidLogin() .permitAll(); } @Override protected void registerAuthentication( AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU") .password("password") .roles("USER"); } }
AuthenticationEntryPoint
is populated with a LoginUrlAuthenticationEntryPoint
OpenIDAuthenticationProvider
is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
AuthenticationManager
RememberMeServices
- is optionally used. See
RememberMeConfigurer
SessionAuthenticationStrategy
- is optionally used. See
SessionManagementConfigurer
Nested Class Summary | |
---|---|
class |
OpenIDLoginConfigurer.AttributeExchangeConfigurer
A class used to add OpenID attributes to look up |
Constructor Summary | |
---|---|
OpenIDLoginConfigurer()
Creates a new instance |
Method Summary | |
---|---|
OpenIDLoginConfigurer.AttributeExchangeConfigurer |
attributeExchange(String identifierPattern)
Sets up OpenID attribute exchange for OpenID's matching the specified pattern. |
OpenIDLoginConfigurer<H> |
authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService)
The AuthenticationUserDetailsService to use. |
void |
configure(H http)
Configure the SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
OpenIDLoginConfigurer<H> |
consumer(OpenIDConsumer consumer)
Allows specifying the OpenIDConsumer to be used. |
OpenIDLoginConfigurer<H> |
consumerManager(org.openid4java.consumer.ConsumerManager consumerManager)
Allows specifying the ConsumerManager to be used. |
protected RequestMatcher |
createLoginProcessingUrlMatcher(String loginProcessingUrl)
Create the RequestMatcher given a loginProcessingUrl |
B |
disable()
Disables the AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the SecurityBuilder . |
OpenIDLoginConfigurer<H> |
loginPage(String loginPage)
Specifies the URL to send users to if login is required. |
OpenIDLoginConfigurer<H> |
loginProcessingUrl(String loginProcessingUrl)
Specifies the URL used to authenticate OpenID requests. |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer |
---|
authenticationDetailsSource, defaultSuccessUrl, defaultSuccessUrl, failureHandler, failureUrl, getAuthenticationFilter, getFailureUrl, getLoginPage, getLoginProcessingUrl, isCustomLoginPage, permitAll, permitAll, successHandler |
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter |
---|
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public OpenIDLoginConfigurer()
Method Detail |
---|
public OpenIDLoginConfigurer.AttributeExchangeConfigurer attributeExchange(String identifierPattern)
identifierPattern
- the regular expression for matching on OpenID's (i.e.
"https://www.google.com/.*", ".*yahoo.com.*", etc)
OpenIDLoginConfigurer.AttributeExchangeConfigurer
for further customizations of the attribute exchangepublic OpenIDLoginConfigurer<H> consumer(OpenIDConsumer consumer)
OpenIDConsumer
to be used. The default is
using an OpenID4JavaConsumer
.
consumer
- the OpenIDConsumer
to be used
OpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> consumerManager(org.openid4java.consumer.ConsumerManager consumerManager)
ConsumerManager
to be used. If specified,
will be populated into an OpenID4JavaConsumer
.
This is a shortcut for specifying the OpenID4JavaConsumer
with a
specific ConsumerManager
on consumer(OpenIDConsumer)
.
consumerManager
- the ConsumerManager
to use. Cannot be null.
OpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService)
AuthenticationUserDetailsService
to use. By default a
UserDetailsByNameServiceWrapper
is used with the
UserDetailsService
shared object found with
AbstractConfiguredSecurityBuilder.getSharedObject(Class)
.
authenticationUserDetailsService
- the AuthenticationDetailsSource
to use
OpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> loginProcessingUrl(String loginProcessingUrl)
HttpServletRequest
matches this URL the OpenIDAuthenticationFilter
will attempt to
authenticate the request. The default is "/login/openid".
loginProcessingUrl
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginUrl
- the URL used to perform authentication
OpenIDLoginConfigurer
for additional customizationpublic OpenIDLoginConfigurer<H> loginPage(String loginPage)
Specifies the URL to send users to if login is required. If used with
WebSecurityConfigurerAdapter
a default login page will be
generated when this attribute is not specified.
If a URL is specified or this is not being used in conjuction with
WebSecurityConfigurerAdapter
, users are required to process the
specified URL to generate a login page.
loginProcessingUrl(String)
OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD
loginPage
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginPage
- the login page to redirect to if authentication is required (i.e. "/login")
FormLoginConfigurer
for additional customizationpublic void init(H http) throws Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be
created and modified, but not properties on the SecurityBuilder
used for building the object. This ensures that the
SecurityConfigurer.configure(SecurityBuilder)
method uses the correct shared
objects when building.
init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
Exception
public void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.
configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
Exception
protected RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl)
AbstractAuthenticationFilterConfigurer
RequestMatcher
given a loginProcessingUrl
createLoginProcessingUrlMatcher
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginProcessingUrl
- creates the RequestMatcher
based upon the loginProcessingUrl
RequestMatcher
to use based upon the loginProcessingUrlpublic B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.
HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |