spring-security-oauth2
.@Deprecated public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractAuthenticationFilterConfigurer<H,OpenIDLoginConfigurer<H>,OpenIDAuthenticationFilter>
@Configuration @EnableWebSecurity public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { http .authorizeRequests() .antMatchers("/**").hasRole("USER") .and() .openidLogin() .permitAll(); } @Override protected void configure(AuthenticationManagerBuilder auth)( AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU") .password("password") .roles("USER"); } }
AuthenticationEntryPoint
is populated with a
LoginUrlAuthenticationEntryPoint
OpenIDAuthenticationProvider
is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
AuthenticationManager
RememberMeServices
- is optionally used. See RememberMeConfigurer
SessionAuthenticationStrategy
- is optionally used. See
SessionManagementConfigurer
Modifier and Type | Class and Description |
---|---|
class |
OpenIDLoginConfigurer.AttributeExchangeConfigurer
Deprecated.
A class used to add OpenID attributes to look up
|
Constructor and Description |
---|
OpenIDLoginConfigurer()
Deprecated.
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
OpenIDLoginConfigurer<H> |
attributeExchange(Customizer<OpenIDLoginConfigurer.AttributeExchangeConfigurer> attributeExchangeCustomizer)
Deprecated.
Sets up OpenID attribute exchange for OpenIDs matching the specified pattern.
|
OpenIDLoginConfigurer.AttributeExchangeConfigurer |
attributeExchange(java.lang.String identifierPattern)
Deprecated.
Sets up OpenID attribute exchange for OpenID's matching the specified pattern.
|
OpenIDLoginConfigurer<H> |
authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService)
Deprecated.
The
AuthenticationUserDetailsService to use. |
void |
configure(H http)
Deprecated.
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder . |
OpenIDLoginConfigurer<H> |
consumer(OpenIDConsumer consumer)
Deprecated.
Allows specifying the
OpenIDConsumer to be used. |
OpenIDLoginConfigurer<H> |
consumerManager(org.openid4java.consumer.ConsumerManager consumerManager)
Deprecated.
Allows specifying the
ConsumerManager to be used. |
protected RequestMatcher |
createLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)
Deprecated.
Create the
RequestMatcher given a loginProcessingUrl |
void |
init(H http)
Deprecated.
Initialize the
SecurityBuilder . |
OpenIDLoginConfigurer<H> |
loginPage(java.lang.String loginPage)
Deprecated.
Specifies the URL to send users to if login is required.
|
OpenIDLoginConfigurer<H> |
loginProcessingUrl(java.lang.String loginProcessingUrl)
Deprecated.
Specifies the URL used to authenticate OpenID requests.
|
authenticationDetailsSource, defaultSuccessUrl, defaultSuccessUrl, failureHandler, failureUrl, getAuthenticationEntryPoint, getAuthenticationEntryPointMatcher, getAuthenticationFilter, getFailureUrl, getLoginPage, getLoginProcessingUrl, isCustomLoginPage, permitAll, permitAll, registerAuthenticationEntryPoint, registerDefaultAuthenticationEntryPoint, setAuthenticationFilter, successHandler, updateAccessDefaults, updateAuthenticationDefaults
disable, withObjectPostProcessor
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public OpenIDLoginConfigurer()
public OpenIDLoginConfigurer.AttributeExchangeConfigurer attributeExchange(java.lang.String identifierPattern)
identifierPattern
- the regular expression for matching on OpenID's (i.e.
"https://www.google.com/.*", ".*yahoo.com.*", etc)OpenIDLoginConfigurer.AttributeExchangeConfigurer
for further customizations of the
attribute exchangepublic OpenIDLoginConfigurer<H> attributeExchange(Customizer<OpenIDLoginConfigurer.AttributeExchangeConfigurer> attributeExchangeCustomizer)
OpenIDLoginConfigurer.AttributeExchangeConfigurer.identifierPattern(String)
attributeExchangeCustomizer
- the Customizer
to provide more options
for the OpenIDLoginConfigurer.AttributeExchangeConfigurer
OpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> consumer(OpenIDConsumer consumer)
OpenIDConsumer
to be used. The default is using an
OpenID4JavaConsumer
.consumer
- the OpenIDConsumer
to be usedOpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> consumerManager(org.openid4java.consumer.ConsumerManager consumerManager)
ConsumerManager
to be used. If specified, will be
populated into an OpenID4JavaConsumer
.
This is a shortcut for specifying the OpenID4JavaConsumer
with a specific
ConsumerManager
on consumer(OpenIDConsumer)
.
consumerManager
- the ConsumerManager
to use. Cannot be null.OpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService)
AuthenticationUserDetailsService
to use. By default a
UserDetailsByNameServiceWrapper
is used with the UserDetailsService
shared object found with AbstractConfiguredSecurityBuilder.getSharedObject(Class)
.authenticationUserDetailsService
- the AuthenticationDetailsSource
to
useOpenIDLoginConfigurer
for further customizationspublic OpenIDLoginConfigurer<H> loginProcessingUrl(java.lang.String loginProcessingUrl)
HttpServletRequest
matches this URL the OpenIDAuthenticationFilter
will attempt to authenticate the request. The default is "/login/openid".loginProcessingUrl
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginProcessingUrl
- the URL used to perform authenticationOpenIDLoginConfigurer
for additional customizationpublic OpenIDLoginConfigurer<H> loginPage(java.lang.String loginPage)
Specifies the URL to send users to if login is required. If used with
WebSecurityConfigurerAdapter
a default login page will be generated when
this attribute is not specified.
If a URL is specified or this is not being used in conjuction with
WebSecurityConfigurerAdapter
, users are required to process the specified
URL to generate a login page.
loginProcessingUrl(String)
OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD
loginPage
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginPage
- the login page to redirect to if authentication is required (i.e.
"/login")FormLoginConfigurer
for additional customizationpublic void init(H http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be created
and modified, but not properties on the SecurityBuilder
used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder)
method uses
the correct shared objects when building. Configurers should be applied here.init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
java.lang.Exception
public void configure(H http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties on the
SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
java.lang.Exception
protected RequestMatcher createLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)
AbstractAuthenticationFilterConfigurer
RequestMatcher
given a loginProcessingUrlcreateLoginProcessingUrlMatcher
in class AbstractAuthenticationFilterConfigurer<H extends HttpSecurityBuilder<H>,OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>,OpenIDAuthenticationFilter>
loginProcessingUrl
- creates the RequestMatcher
based upon the
loginProcessingUrlRequestMatcher
to use based upon the loginProcessingUrl