Using a custom form for Spring Security Waffle authentication instead of the browser popup

Question

I am creating a Spring MVC application that authenticates using Waffle. I have successfully configured it and it works just fine, but I would like to use a custom form instead of the browser popup when the browser does not automatically send their network credentials.

I have modified my configuration to use formLogin() hoping that it would use my existing authentication, but no luck.

package com.zeroalpha.waffledemo;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import waffle.spring.NegotiateSecurityFilter;
import waffle.spring.NegotiateSecurityFilterEntryPoint;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{

    @Autowired
    private NegotiateSecurityFilterEntryPoint authenticationEntryPoint;

    @Autowired
    private NegotiateSecurityFilter securityFilter;

    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().authenticated()
            .and()
                .addFilterBefore(this.securityFilter, BasicAuthenticationFilter.class)
                .httpBasic()
                .authenticationEntryPoint(this.authenticationEntryPoint)
            .and()
                .formLogin();

    }

}

This would be the ideal behavior:

update: Major Progress! I have successfully got the form to authenticate using Windows network credentials. Here's how I did it:

First of all, let me show you the bean declarations I left out of my original post. They are located in a separate class.

// Waffle Spring Security Beans
@Bean
public WindowsAuthProviderImpl windowsAuthProvider() {
    return new WindowsAuthProviderImpl();
}
@Bean
@Autowired
public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(final WindowsAuthProviderImpl windowsAuthProvider) {
    return new NegotiateSecurityFilterProvider(windowsAuthProvider);
}
@Bean
@Autowired
public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(final NegotiateSecurityFilterProvider negotiateSecurityFilterProvider) {
    final List<SecurityFilterProvider> securityFilterProviders = new ArrayList<SecurityFilterProvider>();
    securityFilterProviders.add(negotiateSecurityFilterProvider);
    return new SecurityFilterProviderCollection(securityFilterProviders.toArray(new SecurityFilterProvider[]{}));
}
@Bean
@Autowired
public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
    negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilterEntryPoint;
}
@Bean
@Autowired
public NegotiateSecurityFilter waffleNegotiateSecurityFilter(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
    negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilter;
}
@Bean
public WaffleAuthenticationDetailsSource waffleAuthenticationDetailsSource() {
    return new WaffleAuthenticationDetailsSource();
}

Now, this is how I got the generated spring security form to authenticate with Windows network credentials

First, I added this bean of type waffle.spring.WindowsAuthenticationProvider

@Bean
@Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider(final WindowsAuthProviderImpl windowsAuthProvider) {
    WindowsAuthenticationProvider provider = new WindowsAuthenticationProvider();
    provider.setAuthProvider(windowsAuthProvider);
    return provider;
}

Then I added it to SecurityConfig.java and used it to set the authentication provider in the http security chain

...

@Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider;

@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .anyRequest().authenticated()
        .and()
            .addFilterBefore(this.securityFilter, BasicAuthenticationFilter.class)
            .httpBasic()
            .authenticationEntryPoint(this.authenticationEntryPoint)
        .and()
            .authenticationProvider(windowsAuthenticationProvider) // Set authentication provider here
            .formLogin()
            .authenticationDetailsSource(waffleAuthenticationDetailsSource);

}

Now I just have to figure out how to only use the form if the browser doesn't send the credentials! Hmmmm....

When you submit an user name or password incorrect in form login, What is the result?, do you have a custom exception handler — ronielhcuervo, Oct 26 '16 at 21:00
@ronielhcuervo no custom exception handler, just the default Spring Security error form. — secondbreakfast, Oct 27 '16 at 17:31

Using a custom form for Spring Security Waffle authentication instead of the browser popup

0 Answers0