mgoldgeier / waffle-spring-boot-demo

A simple example of integrating Waffle (https://dblock.github.io/waffle/) with Spring Boot and Spring Security

AuthorizationHeader is empty in Waffle after update to Spring Boot 3 #3

Open Eyvind-A opened 3 weeks ago

Eyvind-A commented 3 weeks ago

The Waffle code in our Vaadin app is based on this demo. It worked before the update to Spring Boot 3, but not anymore. I have debugged the source code for Waffle.

`request.getHeader("Authorization");` is called on line 61 in the Waffle class AuthorizationHeader. This returns null, which causes no WindowsPrincipal to be created. This makes it impossible to be authenticated. How can this be solved? This is my code (almost the same as in the demo):

```java
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(securedEnabled = true)
@ComponentScan
public class SecurityConfiguration {

    @Autowired
    private NegotiateSecurityFilter negotiateSecurityFilter;

    @Autowired
    private NegotiateSecurityFilterEntryPoint entryPoint;

    @Bean
    protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(requests -> {
                requests.requestMatchers("/").permitAll()
                        .requestMatchers("/").authenticated();
            })
            .headers(headers -> headers
                .frameOptions(frameOptions -> frameOptions
                    .sameOrigin()
                )
            )
            .addFilterAfter(negotiateSecurityFilter, BasicAuthenticationFilter.class);
        http.csrf(AbstractHttpConfigurer::disable);

        return http.build();
    }
}
```

```java
@Configuration
public class WaffleConfig {

    @Bean
    public WindowsAuthProviderImpl waffleWindowsAuthProvider() {
        return new WindowsAuthProviderImpl();
    }

    @Bean
    public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(
            WindowsAuthProviderImpl windowsAuthProvider) {
        NegotiateSecurityFilterProvider negotiateSecurityFilterProvider =
                new NegotiateSecurityFilterProvider(windowsAuthProvider);
        negotiateSecurityFilterProvider.setProtocols(Arrays.asList("NTLM"));
        return negotiateSecurityFilterProvider;
    }

    @Bean
    public BasicSecurityFilterProvider basicSecurityFilterProvider(WindowsAuthProviderImpl windowsAuthProvider) {
        return new BasicSecurityFilterProvider(windowsAuthProvider);
    }

    @Bean
    public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(
            NegotiateSecurityFilterProvider negotiateSecurityFilterProvider,
            BasicSecurityFilterProvider basicSecurityFilterProvider) {
        SecurityFilterProvider[] securityFilterProviders = {
                negotiateSecurityFilterProvider,
                basicSecurityFilterProvider };
        return new SecurityFilterProviderCollection(securityFilterProviders);
    }

    @Bean
    public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(
            SecurityFilterProviderCollection securityFilterProviderCollection) {
        NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
        negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
        return negotiateSecurityFilterEntryPoint;
    }

    @Bean
    public NegotiateSecurityFilter waffleNegotiateSecurityFilter(
            SecurityFilterProviderCollection securityFilterProviderCollection) {
        NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
        negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
        return negotiateSecurityFilter;
    }

    // This is required for Spring Boot so it does not register the same filter twice
    @Bean
    public FilterRegistrationBean waffleNegotiateSecurityFilterRegistration(
            NegotiateSecurityFilter waffleNegotiateSecurityFilter) {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(waffleNegotiateSecurityFilter);
        registrationBean.setEnabled(false);
        return registrationBean;
    }
}
```

mgoldgeier commented 3 weeks ago

Unfortunately I don’t have a way to test this anymore. I would suggest looking at the official Waffle repo, which looks to have specific code for Spring Boot 3.
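For the `null` header described in the issue above, a diagnostic sketch added here as an example (it is not part of either comment and is not Waffle's code): it classifies the value returned by `request.getHeader("Authorization")` so a log line shows which stage of the NTLM/Negotiate exchange a request is at. The class name `HeaderStage`, the method `describe` and the sample token are assumptions made for illustration; only the JDK is needed.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

// Added example: HeaderStage and describe() are hypothetical names, not Waffle API.
public class HeaderStage {
    private static final byte[] NTLMSSP = "NTLMSSP\0".getBytes(StandardCharsets.US_ASCII);

    /** Classifies the value returned by request.getHeader("Authorization"). */
    static String describe(String header) {
        if (header == null || header.isBlank()) {
            // A client only starts NTLM/Negotiate after a 401 carrying WWW-Authenticate.
            return "no credentials: client was not challenged or did not answer";
        }
        String[] parts = header.trim().split("\\s+", 2);
        String scheme = parts[0];
        if (parts.length < 2) return scheme + ": scheme without token";
        if (scheme.equalsIgnoreCase("Basic")) return "Basic: credentials present";
        byte[] token;
        try {
            token = Base64.getDecoder().decode(parts[1].trim());
        } catch (IllegalArgumentException e) {
            return scheme + ": token is not valid Base64";
        }
        boolean ntlm = token.length >= 12
                && Arrays.equals(Arrays.copyOf(token, 8), NTLMSSP);
        if (!ntlm) {
            return scheme + ": non-NTLM token (" + token.length + " bytes), e.g. SPNEGO/Kerberos";
        }
        // The NTLM message type is a little-endian uint32 at offset 8.
        int type = (token[8] & 0xff) | (token[9] & 0xff) << 8
                | (token[10] & 0xff) << 16 | (token[11] & 0xff) << 24;
        switch (type) {
            case 1: return scheme + ": NTLM type 1 (negotiate), server must answer with a type 2 challenge";
            case 3: return scheme + ": NTLM type 3 (authenticate), final client message";
            default: return scheme + ": unexpected NTLM message type " + type;
        }
    }

    public static void main(String[] args) {
        // Constructed sample: NTLMSSP signature, message type 1, arbitrary flag bytes.
        byte[] type1 = {'N','T','L','M','S','S','P',0, 1,0,0,0, 7,(byte)0x82,8,(byte)0xa2};
        String b64 = Base64.getEncoder().encodeToString(type1);
        System.out.println(describe(null));
        System.out.println(describe("NTLM " + b64));
        System.out.println(describe("Negotiate " + b64));
        System.out.println(describe("NTLM not-base64!"));
    }
}
```

Calling `describe` from a logging filter placed ahead of the Waffle filter, and logging the response status and `WWW-Authenticate` header next to it, shows whether a challenge was ever sent before the header came back `null`.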