org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint Maven / Gradle / Ivy
/*
* Copyright 2010-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.authentication;
import java.io.IOException;
import java.util.LinkedHashMap;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.log.LogMessage;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.util.matcher.ELRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcherEditor;
import org.springframework.util.Assert;
/**
* An {@code AuthenticationEntryPoint} which selects a concrete
* {@code AuthenticationEntryPoint} based on a {@link RequestMatcher} evaluation.
*
*
* A configuration might look like this:
*
*
*
* <bean id="daep" class="org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint">
* <constructor-arg>
* <map>
* <entry key="hasIpAddress('192.168.1.0/24') and hasHeader('User-Agent','Mozilla')" value-ref="firstAEP" />
* <entry key="hasHeader('User-Agent','MSIE')" value-ref="secondAEP" />
* </map>
* </constructor-arg>
* <property name="defaultEntryPoint" ref="defaultAEP"/>
* </bean>
*
*
* This example uses the {@link RequestMatcherEditor} which creates a
* {@link ELRequestMatcher} instances for the map keys.
*
* @author Mike Wiesner
* @since 3.0.2
*/
public class DelegatingAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean {
private static final Log logger = LogFactory.getLog(DelegatingAuthenticationEntryPoint.class);
private final LinkedHashMap entryPoints;
private AuthenticationEntryPoint defaultEntryPoint;
public DelegatingAuthenticationEntryPoint(LinkedHashMap entryPoints) {
this.entryPoints = entryPoints;
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException, ServletException {
for (RequestMatcher requestMatcher : this.entryPoints.keySet()) {
logger.debug(LogMessage.format("Trying to match using %s", requestMatcher));
if (requestMatcher.matches(request)) {
AuthenticationEntryPoint entryPoint = this.entryPoints.get(requestMatcher);
logger.debug(LogMessage.format("Match found! Executing %s", entryPoint));
entryPoint.commence(request, response, authException);
return;
}
}
logger.debug(LogMessage.format("No match found. Using default entry point %s", this.defaultEntryPoint));
// No EntryPoint matched, use defaultEntryPoint
this.defaultEntryPoint.commence(request, response, authException);
}
/**
* EntryPoint which is used when no RequestMatcher returned true
*/
public void setDefaultEntryPoint(AuthenticationEntryPoint defaultEntryPoint) {
this.defaultEntryPoint = defaultEntryPoint;
}
@Override
public void afterPropertiesSet() {
Assert.notEmpty(this.entryPoints, "entryPoints must be specified");
Assert.notNull(this.defaultEntryPoint, "defaultEntryPoint must be specified");
}
}