List of usage examples for org.springframework.security.web.access.intercept FilterSecurityInterceptor setAlwaysReauthenticate
public void setAlwaysReauthenticate(boolean alwaysReauthenticate)
AbstractSecurityInterceptor
should ignore the Authentication#isAuthenticated() property. From source file:nu.localhost.tapestry5.springsecurity.services.SecurityModule.java
@Marker(SpringSecurityServices.class) public static HttpServletRequestFilter buildFilterSecurityInterceptor( @SpringSecurityServices final AccessDecisionManager accessDecisionManager, @SpringSecurityServices final AuthenticationManager manager, final Collection<RequestInvocationDefinition> contributions) throws Exception { FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = convertCollectionToLinkedHashMap( contributions);// ww w . j a va2 s . c o m DefaultFilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource( requestMap); interceptor.setAccessDecisionManager(accessDecisionManager); interceptor.setAlwaysReauthenticate(false); interceptor.setAuthenticationManager(manager); interceptor.setSecurityMetadataSource(source); interceptor.setValidateConfigAttributes(true); interceptor.afterPropertiesSet(); return new HttpServletRequestFilterWrapper(interceptor); }
From source file:ch.astina.hesperid.web.services.SecurityModule.java
/** * Checks if access to the HTTP resource is allowed ( * {@link org.springframework.security.access.intercept.AbstractSecurityInterceptor#beforeInvocation(Object)} * ) and throws {@link org.springframework.security.access.AccessDeniedException} otherwise */// ww w .j a va 2 s. c o m @Marker(SpringSecurityServices.class) public static HttpServletRequestFilter buildFilterSecurityInterceptor( @SpringSecurityServices final AccessDecisionManager accessDecisionManager, @SpringSecurityServices final AuthenticationManager manager, final Collection<RequestInvocationDefinition> contributions) throws Exception { FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); LinkedHashMap<RequestKey, Collection<ConfigAttribute>> requestMap = convertCollectionToLinkedHashMap( contributions); DefaultFilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource( new AntUrlPathMatcher(true), requestMap); interceptor.setAccessDecisionManager(accessDecisionManager); interceptor.setAlwaysReauthenticate(false); interceptor.setAuthenticationManager(manager); interceptor.setSecurityMetadataSource(source); interceptor.setValidateConfigAttributes(true); interceptor.afterPropertiesSet(); return new HttpServletRequestFilterWrapper(interceptor); }