-
Notifications
You must be signed in to change notification settings - Fork 188
/
MidpointBeanPostProcessor.java
49 lines (41 loc) · 1.77 KB
/
MidpointBeanPostProcessor.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/*
* Copyright (c) 2010-2019 Evolveum and contributors
*
* This work is dual-licensed under the Apache License 2.0
* and European Union Public License. See LICENSE file for details.
*/
package com.evolveum.midpoint.web.security;
import com.evolveum.midpoint.security.api.SecurityUtil;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.csrf.CsrfFilter;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @author skublik
*/
@Component
class MidpointBeanPostProcessor implements BeanPostProcessor {
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof CsrfFilter) {
CsrfFilter csrfFilter = (CsrfFilter) bean;
csrfFilter.setAccessDeniedHandler(new MidpointAccessDeniedHandler());
}
if (bean instanceof RegisterSessionAuthenticationStrategy) {
RegisterSessionAuthenticationStrategy strategy = (RegisterSessionAuthenticationStrategy) bean;
return new MidpointRegisterSessionAuthenticationStrategy(strategy);
}
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
}