本文整理了Java中org.springframework.security.web.access.ExceptionTranslationFilter
类的一些代码示例,展示了ExceptionTranslationFilter
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ExceptionTranslationFilter
类的具体详情如下:
包路径:org.springframework.security.web.access.ExceptionTranslationFilter
类名称:ExceptionTranslationFilter
[英]Handles any AccessDeniedException
and AuthenticationException
thrown within the filter chain.
This filter is necessary because it provides the bridge between Java exceptions and HTTP responses. It is solely concerned with maintaining the user interface. This filter does not do any actual security enforcement.
If an AuthenticationException is detected, the filter will launch the authenticationEntryPoint
. This allows common handling of authentication failures originating from any subclass of org.springframework.security.access.intercept.AbstractSecurityInterceptor.
If an AccessDeniedException is detected, the filter will determine whether or not the user is an anonymous user. If they are an anonymous user, the authenticationEntryPoint
will be launched. If they are not an anonymous user, the filter will delegate to the org.springframework.security.web.access.AccessDeniedHandler. By default the filter will use org.springframework.security.web.access.AccessDeniedHandlerImpl.
To use this filter, it is necessary to specify the following properties:
authenticationEntryPoint
indicates the handler that should commence the authentication process if an AuthenticationException
is detected. Note that this may also switch the current protocol from http to https for an SSL login.AccessDeniedException
和AuthenticationException
。authenticationEntryPoint
。这允许共同处理来自org的任何子类的身份验证失败。springframework。安全通道拦截AbstractSecurityInterceptor。authenticationEntryPoint
将启动。如果他们不是匿名用户,筛选器将委托给组织。springframework。安全网状物通道AccessDeniedHandler。默认情况下,过滤器将使用组织。springframework。安全网状物通道AccessDeniedHandlerImpl。authenticationEntryPoint
表示在检测到AuthenticationException
时应开始身份验证过程的处理程序。注意,对于SSL登录,这也可能将当前协议从http切换到https。代码示例来源:origin: spring-projects/spring-security
@Override
public void configure(H http) throws Exception {
AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http);
ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(
entryPoint, getRequestCache(http));
AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http);
exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler);
exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
http.addFilter(exceptionTranslationFilter);
}
代码示例来源:origin: spring-projects/spring-security
|| !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
.getAuthenticationEntryPoint()).getLoginFormUrl();
logger.info("Checking whether login URL '" + loginPage
+ "' is accessible with your configuration");
代码示例来源:origin: geoserver/geoserver
ExceptionTranslationFilter filter = new ExceptionTranslationFilter(ep, cache);
filter.setAccessDeniedHandler(accessDeniedHandler);
filter.afterPropertiesSet();
getNestedFilters().add(filter);
代码示例来源:origin: psi-probe/psi-probe
/**
* Gets the exception translation filter.
*
* @return the exception translation filter
*/
@Bean(name = "etf")
public ExceptionTranslationFilter getExceptionTranslationFilter() {
return new ExceptionTranslationFilter(getHttp403ForbiddenEntryPoint());
}
代码示例来源:origin: org.eclipse.hudson/hudson-core
public Filter[] getCommonFilters() {
AnonymousAuthenticationFilter anonymousProcessingFilter = new AnonymousAuthenticationFilter("anonymous");
UserAttribute userAttribute = new UserAttribute();
userAttribute.setPassword("anonymous");
String authorities = "anonymous, ROLE_ANONYMOUS";
userAttribute.setAuthoritiesAsString(Arrays.asList(authorities));
anonymousProcessingFilter.setUserAttribute(userAttribute);
ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler);
HudsonAuthenticationEntryPoint hudsonAuthenticationEntryPoint = new HudsonAuthenticationEntryPoint();
hudsonAuthenticationEntryPoint.setLoginFormUrl('/' + getLoginUrl() + "?from={0}");
exceptionTranslationFilter.setAuthenticationEntryPoint(hudsonAuthenticationEntryPoint);
UnwrapSecurityExceptionFilter unwrapSecurityExceptionFilter = new UnwrapSecurityExceptionFilter();
Filter[] filters = {
anonymousProcessingFilter,
exceptionTranslationFilter,
unwrapSecurityExceptionFilter
};
return filters;
}
/**
代码示例来源:origin: stackoverflow.com
exceptionTranslationFilter.setAccessDeniedHandler(new AccessDeniedHandlerImpl());
exceptionTranslationFilter.afterPropertiesSet();
代码示例来源:origin: spring-projects/spring-security
@Before
public void setUp() throws Exception {
AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous");
fsi = new FilterSecurityInterceptor();
fsi.setAccessDecisionManager(accessDecisionManager);
fsi.setSecurityMetadataSource(metadataSource);
AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint(
"/login");
ExceptionTranslationFilter etf = new ExceptionTranslationFilter(
authenticationEntryPoint);
DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(
AnyRequestMatcher.INSTANCE, aaf, etf, fsi);
fcp = new FilterChainProxy(securityChain);
validator = new DefaultFilterChainValidator();
ReflectionTestUtils.setField(validator, "logger", logger);
}
代码示例来源:origin: stackoverflow.com
accessDeniedHandlerImpl.setErrorPage("/exception");
exceptionTranslationFilter
.setAccessDeniedHandler(accessDeniedHandlerImpl);
exceptionTranslationFilter.afterPropertiesSet();
return exceptionTranslationFilter;
代码示例来源:origin: org.springframework.security/spring-security-config
@Override
public void configure(H http) throws Exception {
AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http);
ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(
entryPoint, getRequestCache(http));
AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http);
exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler);
exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
http.addFilter(exceptionTranslationFilter);
}
代码示例来源:origin: org.motechproject/motech-platform-web-security
private void addExceptionTranslationFilter(List<Filter> filters, RequestCache requestCache, boolean isRest) {
ExceptionTranslationFilter exceptionFilter;
if (isRest) {
exceptionFilter = new ExceptionTranslationFilter(basicAuthenticationEntryPoint, requestCache);
} else {
exceptionFilter = new ExceptionTranslationFilter(loginAuthenticationEntryPoint, requestCache);
}
filters.add(exceptionFilter);
}
代码示例来源:origin: org.springframework.security/spring-security-config
|| !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
.getAuthenticationEntryPoint()).getLoginFormUrl();
logger.info("Checking whether login URL '" + loginPage
+ "' is accessible with your configuration");
代码示例来源:origin: org.springframework.security/spring-security-javaconfig
@Override
public void configure(H http) throws Exception {
AuthenticationEntryPoint entryPoint = getEntryPoint(http);
ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(entryPoint, getRequestCache(http));
if(accessDeniedHandler != null) {
exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandler);
}
exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
http.addFilter(exceptionTranslationFilter);
}
代码示例来源:origin: stackoverflow.com
sessionManagement().sessionAuthenticationStrategy(sessionAuthenticationStrategy).
and().
addFilter(new ExceptionTranslationFilter(new AuthenticationProcessingFilterEntryPoint()));
代码示例来源:origin: org.springframework.security/org.springframework.security.config
private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) {
ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class, filterStack);
if(etf == null || !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
String loginPage = ((LoginUrlAuthenticationEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
代码示例来源:origin: apache/servicemix-bundles
@Override
public void configure(H http) throws Exception {
AuthenticationEntryPoint entryPoint = getAuthenticationEntryPoint(http);
ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter(
entryPoint, getRequestCache(http));
AccessDeniedHandler deniedHandler = getAccessDeniedHandler(http);
exceptionTranslationFilter.setAccessDeniedHandler(deniedHandler);
exceptionTranslationFilter = postProcess(exceptionTranslationFilter);
http.addFilter(exceptionTranslationFilter);
}
代码示例来源:origin: stackoverflow.com
@Configuration
@EnableWebSecurity
@Order(2)
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
ExceptionTranslationFilter = new ExceptionTranslationFilter(new AuthenticationExceptionHandler());
http.addFilterAfter(new StatelessAuthenticationFilter(tokenAuthenticationService),
ExceptionTranslationFilter.class);
}
}
public class AuthenticationExceptionHandler implements AuthenticationEntryPoint {
public void commence(HttpServletRequest request, HttpServletResponse, AuthenticationException e) throws IOException, ServletException {
//Logic on how to handle JWT exception goes here
}
}
public class StatelessAuthenticationFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
try {
//DECRYPT YOUR JWT
} catch (Exception e) {
throw new AuthenticationException();//If you get an exception wrap it in a AuthenticationException (or a class that extends it)
}
}
}
代码示例来源:origin: apache/servicemix-bundles
|| !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
.getAuthenticationEntryPoint()).getLoginFormUrl();
logger.info("Checking whether login URL '" + loginPage
+ "' is accessible with your configuration");
内容来源于网络,如有侵权,请联系作者删除!