BasicAuthConfiguration.java
package cn.home1.oss.lib.security.starter;
import static cn.home1.oss.boot.autoconfigure.AppType.MIXED;
import static cn.home1.oss.boot.autoconfigure.AppType.RESOURCE;
import static cn.home1.oss.boot.autoconfigure.AppType.RESTFUL;
import static cn.home1.oss.boot.autoconfigure.AppType.TEMPLATE;
import static cn.home1.oss.lib.security.internal.rest.RestfulBasicAuthenticationEntryPoint.DEFAULT_REALM_NAME;
import static org.springframework.boot.autoconfigure.security.SecurityProperties.BASIC_AUTH_ORDER;
import cn.home1.oss.boot.autoconfigure.AppProperties;
import cn.home1.oss.boot.autoconfigure.AppSecurity;
import cn.home1.oss.boot.autoconfigure.ConditionalOnAppSecurity;
import cn.home1.oss.boot.autoconfigure.ConditionalOnAppType;
import cn.home1.oss.lib.errorhandle.internal.RestfulExceptionHandler;
import cn.home1.oss.lib.security.internal.rest.RestfulBasicAuthenticationEntryPoint;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.AuthenticationEntryPoint;
/**
* Created by zhanghaolun on 16/8/19.
*/
@Configuration
@Order(BasicAuthConfiguration.ORDER_BASIC_AUTH)
public class BasicAuthConfiguration extends SecurityConfigurerAdapter<BasicAuthConfiguration> {
public static final int ORDER_BASIC_AUTH = BASIC_AUTH_ORDER + 1;
public static final String BASIC_AUTHENTICATION_ENTRYPOINT = "basicAuthenticationEntryPoint";
@Autowired
private AppProperties appProperties;
@Autowired
private Environment environment;
@Autowired
private RestfulExceptionHandler exceptionHandler;
@SneakyThrows
@Override
public void configure(final HttpSecurity http) {
if (this.appProperties.getSecurity().getEnabled() && this.appProperties.getType() != RESOURCE) {
http.httpBasic() //
.authenticationEntryPoint(this.basicAuthenticationEntryPoint(this.environment));
} else {
http.httpBasic() //
.disable();
}
}
@Bean(name = BASIC_AUTHENTICATION_ENTRYPOINT)
@ConditionalOnAppSecurity(AppSecurity.ENABLED)
@ConditionalOnAppType({MIXED, RESTFUL, TEMPLATE})
public AuthenticationEntryPoint basicAuthenticationEntryPoint(final Environment environment) {
final String realmName = environment.getProperty("security.basic.realm", DEFAULT_REALM_NAME);
final RestfulBasicAuthenticationEntryPoint entryPoint = new RestfulBasicAuthenticationEntryPoint();
entryPoint.setExceptionHandler(this.exceptionHandler);
entryPoint.setRealmName(realmName);
return entryPoint;
}
}