Stack Overflow
Stack Overflow

Questions tagged [pre-authentication]

78 questions
24
votes
1 answer

Spring security PreAuthentication Filter asks for AuthenticationEntryPoint

I am trying to use PreAuthFilter (for Siteminder) with Spring Security 3.0.
Nirmal Patel
  • 5,128
  • 8
  • 41
  • 52
15
votes
1 answer

How to setup pre-authentication header-based authentication in Spring Boot?

My app gets an AUTH_USER request header with username from Oracle Access Manager SSO. Spring Security "Additional Topics" 2.2.1 has an example of "PreAuth" that seems to be what I need, but not a full working example. Snippets below are from…
Tim
  • 702
  • 2
  • 6
  • 17
11
votes
2 answers

Using spring security annotations with keycloak

I'm just a beginner in Spring Security, but I would like to know is it possible to configure keycloak in a way that I can use @PreAuthorize, @PostAuthorize, @Secured and other annotations. For example, I've configured the…
Andrey Sarul
  • 1,382
  • 2
  • 16
  • 20
11
votes
1 answer

How to use path variable in @Preauthorize

I have a situation where i need to pass the path variable as a argument to the preauthorize @RequestMapping(value="/page/{cmd}", method = RequestMethod.GET) @PreAuthorize("hasRole(#cmd)") public void method(@PathVariable String cmd,…
Krishnan
  • 185
  • 3
  • 11
6
votes
2 answers

How do I re-authenticate a user in an ASP.NET MVC 3 Intranet application?

The application is already using Windows integrated security, not Forms. What I am trying to accomplish is a so called "step-up" authentication, or "force re-authentication" for the following scenario: the user is browsing the site doing common,…
PricklyMaster
  • 85
  • 1
  • 7
5
votes
1 answer

Multiple pre-auth filters in Spring Security?

I have a need to have multiple PRE_AUTH Spring Security filters. In particular I need to use a PRE_AUTH filter in addition to the two filters configured as PRE_AUTH in the SAML extension to Spring Security 3.0. The existing SAML configuration…
C. Ross
  • 31,137
  • 42
  • 147
  • 238
5
votes
4 answers

Spring Security Java Config

I'm trying to use JavaConfig instead of XML configuration for Spring Security. I would like to use @PreAuthorization for declaring access rights. My Spring Security Config looks like…
mhmpl
  • 1,045
  • 2
  • 13
  • 29
5
votes
2 answers

Example of Spring Security PreAuthentication Filter on WebSphere?

Does anybody have the Spring Security sample PreAuthentication Filter for WebSphere working (WebSpherePreAuthenticatedProcessingFilter)? There is very little documentation on it and I just can't seem to nail it. I'm looking for someone who has it…
Cody Burleson
  • 244
  • 2
  • 6
4
votes
0 answers

java Kerberos - unix kinit works, java not - Additional pre-authentication required

I've got problem with connection using Kerberos authentication. If I use linux kinit with my custom KRB5.conf (connecting to windows kerberos AD), everything works smoothly. kinit -kVt -v keytab specified, forcing -k Using…
Miki93
  • 41
  • 3
4
votes
0 answers

PreAuthenticatedAuthenticationProvider UserDetailsService how to catch the right exception

I am under Spring Boot 2.0.5 (Spring Security 5.0.8) I have setup a preauthentication filter chain, which works fine, only thing problematic is the exception handling, especially those thrown form my custom UserDetailsService. I also tried to return…
Khalil Bouzekri
  • 210
  • 4
  • 12
4
votes
1 answer

Spring Security HeaderPreAuthentication Principal Not Resolved from @AuthenticationPrincipal

I have an existing Spring Boot Application with authentication to the web application handled by a third party authentication service. Like SiteMinder, the 3rd party service injects a header into the HTTP requests, say USER_HEADER. I am tasked with…
medge
  • 598
  • 5
  • 16
3
votes
0 answers

How to bypass form login filter if pre-authentication was successful in spring?

Is it possible to bypass the form login filter if the pre-authentication filter successfully extracted user information from the request? The form login filter would be used as a fallback in case the incoming request was not pre-authenticated. I am…
Adam
  • 61
  • 2
3
votes
0 answers

authentication single sign-on spring

I have the following scenario for single sign on: Clicking link for web app on portal (http) get sso integration page. sso integration page comes for a while on browser..then it automatically (http)post data to the web-app with hidden fields Web…
user3516088
  • 155
  • 2
  • 11
3
votes
1 answer

How to delegate an authentication-manager to a specific CustomUserDetailsService, based on the RequestHeaderAuthenticationFilter?

I'm having a problem pre-authenticating users in a spring based app. Here is my scenario. I have two CustomUserDetailsServices, one for Employees and one for Customers. In front of my server it is implemented a proxy, that adds to the Http Header of…
Capybara
  • 157
  • 2
  • 7
3
votes
0 answers

Websphere 8 + Spring Security preAuthentication + not redirecting to login page after unauthenticated request to protected resources

i have an issue with redirecting to login.jsp page after a request to a rotected resource made by an unauthenticated user; my JSF 2 web app is deployed on WAS 8.5 where i set a custom security domain with a custom database realm and stands under a…
MatteoM
  • 236
  • 2
  • 9
1
2 3 4 5 6