@Override
public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
super.initializeFromConfig(config);
pathInfos = GeoServerSecurityFilterChain.FORM_LOGIN_CHAIN.split(",");
UsernamePasswordAuthenticationFilterConfig upConfig =
(UsernamePasswordAuthenticationFilterConfig) config;
aep = new LoginUrlAuthenticationEntryPoint(URL_LOGIN_FORM);
aep.setForceHttps(false);
try {
aep.afterPropertiesSet();
} catch (Exception e2) {
throw new IOException(e2);
}
RememberMeServices rms = securityManager.getRememberMeService();
// add login filter
UsernamePasswordAuthenticationFilter filter =
new UsernamePasswordAuthenticationFilter() {
@Override
protected boolean requiresAuthentication(
HttpServletRequest request, HttpServletResponse response) {
for (String pathInfo : pathInfos) {
if (getRequestPath(request).startsWith(pathInfo)) return true;
}
return false;
}
};
filter.setPasswordParameter(upConfig.getPasswordParameterName());
filter.setUsernameParameter(upConfig.getUsernameParameterName());
filter.setAuthenticationManager(getSecurityManager());
filter.setRememberMeServices(rms);
GeoServerWebAuthenticationDetailsSource s = new GeoServerWebAuthenticationDetailsSource();
filter.setAuthenticationDetailsSource(s);
filter.setAllowSessionCreation(false);
// filter.setFilterProcessesUrl(URL_FOR_LOGIN);
SimpleUrlAuthenticationSuccessHandler successHandler =
new SimpleUrlAuthenticationSuccessHandler();
successHandler.setDefaultTargetUrl(URL_LOGIN_SUCCCESS);
filter.setAuthenticationSuccessHandler(successHandler);
SimpleUrlAuthenticationFailureHandler failureHandler =
new SimpleUrlAuthenticationFailureHandler();
// TODO, check this when using encrypting of URL parameters
failureHandler.setDefaultFailureUrl(URL_LOGIN_FAILURE);
filter.setAuthenticationFailureHandler(failureHandler);
// filter.afterPropertiesSet();
getNestedFilters().add(filter);
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
req.setAttribute(GeoServerSecurityFilter.AUTHENTICATION_ENTRY_POINT_HEADER, aep);
super.doFilter(req, res, chain);
}