1. Implement the org.springframework.security.userdetails.UserDetails interface and all of its methods:
public class UserProfile implements Serializable, UserDetails
2. Implement the AuthenticationUserDetailsService interface and its method:
UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException;
public class UserDetailsService implements AuthenticationUserDetailsService
Then declare it as a bean:
<bean id="preAuthenticatedUserDetailsService"
      class="com.test.common.security.service.impl.UserDetailsService">
</bean>
3. Create the authentication provider; for custom authentication, mark it with the "custom-authentication-provider" security tag as below:
<bean id="preAuthenticatedAuthenticationProvider"
      class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
    <security:custom-authentication-provider />
    <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" />
</bean>
4. Pass the preAuthenticatedAuthenticationProvider bean to "ProviderManager" as the property "providers", as below:
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="preAuthenticatedAuthenticationProvider" />
        </list>
    </property>
</bean>
5. Create the authenticationProcessingFilter bean; if it needs to be declared as PRE_AUTH, put the entry into the security tag as below:
<!-- This bean id should not be changed -->
<bean id="authenticationProcessingFilter" scope="prototype"
      class="com.test.common.security.filter.AuthProcessinglFilter">
    <security:custom-filter position="PRE_AUTH_FILTER" />
    <property name="authenticationManager" ref="authenticationManager" />
</bean>
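import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter;

public class AuthProcessinglFilter extends AbstractPreAuthenticatedProcessingFilter {
    // Session attribute under which the application stores the logged-in UserProfile
    private static final String SESSION_USER_PROFILE = "UserProfile";

    @Override
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
        // getSession(false) returns null when the request has no session;
        // in that case there is no pre-authenticated principal to report
        HttpSession session = request.getSession(false);
        return session == null ? null : session.getAttribute(SESSION_USER_PROFILE);
    }

    @Override
    protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        UserProfile profile = session == null ? null
                : (UserProfile) session.getAttribute(SESSION_USER_PROFILE);
        // Credentials come from the same session-held profile as the principal
        return profile == null ? null : profile.getCredentials();
    }

    // Places this filter at the pre-authentication position in the filter chain
    public int getOrder() {
        return FilterChainOrder.PRE_AUTH_FILTER;
    }
}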
6. Be sure to declare the following bean:
<bean id="authenticationEntryPoint"
      class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint" />
And set up the ACL context if access control needs to be applied on a URL-based scheme:
<!-- ACL context configuration start -->
<!-- session-fixation-protection="none" leaves the session id unchanged after
     authentication; the namespace default is "migrateSession" -->
<security:http entry-point-ref="authenticationEntryPoint"
               auto-config="false" session-fixation-protection="none"
               lowercase-comparisons="false" access-denied-page="/WEB-INF/jsp/error/AccessDenied.jsp">
    <security:intercept-url pattern="/6/*.action" access="ROLE_ADMIN" />
    <security:intercept-url pattern="/61/*.action" access="ROLE_USER" />
    <security:anonymous />
</security:http>
7. Set up the following Spring Security filter in web.xml:
<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>springSecurityFilterChain</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>*.action</url-pattern>
</filter-mapping>
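
An added example, not code from the original post, filling in steps 1 and 2 against the Spring Security 2.0.x API used above: loadUserDetails receives as principal whatever the filter in step 5 read from the session, so it checks the type and contents before returning it. The UserProfile fields and constructor and the use of the default package are assumptions; in the application UserProfile is a public class in its own file.

```java
// UserDetailsService.java: added illustration, assumes Spring Security 2.0.x on the classpath
import java.io.Serializable;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UsernameNotFoundException;

public class UserDetailsService implements AuthenticationUserDetailsService {
    public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException {
        // The principal is the object the pre-auth filter took from the HTTP session,
        // so verify its type and contents instead of casting blindly.
        Object principal = token.getPrincipal();
        if (!(principal instanceof UserProfile)) {
            throw new UsernameNotFoundException("No UserProfile in pre-authenticated token");
        }
        UserProfile profile = (UserProfile) principal;
        if (profile.getUsername() == null || profile.getAuthorities().length == 0) {
            throw new UsernameNotFoundException("UserProfile has no username or roles");
        }
        return profile;
    }
}

// Step 1 class; package-private here only so both classes fit in one file (assumed fields).
class UserProfile implements Serializable, UserDetails {
    private static final long serialVersionUID = 1L;
    private final String username;
    private final String credentials;   // assumed: opaque value handed out by getCredentials()
    private final GrantedAuthority[] authorities;

    UserProfile(String username, String credentials, String... roles) {
        this.username = username;
        this.credentials = credentials;
        this.authorities = new GrantedAuthority[roles.length];
        for (int i = 0; i < roles.length; i++) {
            authorities[i] = new GrantedAuthorityImpl(roles[i]);   // e.g. "ROLE_ADMIN", "ROLE_USER"
        }
    }
    public GrantedAuthority[] getAuthorities() { return authorities; }
    public String getPassword() { return credentials; }
    public String getUsername() { return username; }
    public String getCredentials() { return credentials; }
    public boolean isAccountNonExpired() { return true; }   // assumed: no account-state tracking
    public boolean isAccountNonLocked() { return true; }
    public boolean isCredentialsNonExpired() { return true; }
    public boolean isEnabled() { return true; }
}
```

The role names given to UserProfile must match the access values in the intercept-url entries (ROLE_ADMIN, ROLE_USER) for the URL rules in step 6 to apply.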