• Home
• org.renci.node-agent2
• agent-server
• 0.1.3
• source code
• RestHMACSecurityConfig.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

orca.nodeagent2.agent.server.RestHMACSecurityConfig Maven / Gradle / Ivy

package orca.nodeagent2.agent.server;


import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * Disabled and not tested HMAC security config 04/14/2015/ib
 * @author ibaldin
 *
 */

//@Configuration
//@EnableGlobalMethodSecurity(securedEnabled = true)
public class RestHMACSecurityConfig extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.authenticationProvider(restAuthenticationProvider());
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		
		http
		.csrf().disable() // disable CSRF
		.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) // make stateless
		.and()
		.authorizeRequests().antMatchers("/**").authenticated() // require authentication everywhere
		.and()
		.exceptionHandling().authenticationEntryPoint(restHMACAuthEntryPoint()); // point to HMAC entry point on failure (generates 401)

		http.addFilterBefore(new RestHMACSecurityFilter(authenticationManager()), UsernamePasswordAuthenticationFilter.class);
	}

	//@Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
		auth.authenticationProvider(restAuthenticationProvider());
	}

	//@Bean
	public AuthenticationProvider restAuthenticationProvider() {
		RestHMACAuthenticationProvider provider = new RestHMACAuthenticationProvider();
		return provider;
	}
	
	//@Bean
	public RestHMACAuthenticationEntryPoint restHMACAuthEntryPoint()
	{
		RestHMACAuthenticationEntryPoint authenticationEntryPoint = new RestHMACAuthenticationEntryPoint();
		return authenticationEntryPoint;
	}
	
}