List of usage examples for org.springframework.http HttpMethod OPTIONS
HttpMethod OPTIONS
To view the source code for org.springframework.http HttpMethod OPTIONS.
Click Source Link
From source file:net.eusashead.hateoas.response.argumentresolver.ResponseBuilderMethodArgumentResolverITCase.java
@Test public void testOptions() throws Exception { this.mockMvc//from w w w .j a v a2 s . co m .perform(request(HttpMethod.OPTIONS, "http://localhost/entity") .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) .andExpect(status().isOk()).andExpect(header().string("Allow", "GET,HEAD")).andReturn(); }
From source file:de.codecentric.boot.admin.web.CorsFilterOnDifferentPortsTest.java
@Test public void testCORS_OPTIONS_application() { // DO NOT serve CORS-Headers on application-endpoints ResponseEntity<Void> options = new TestRestTemplate().exchange("http://localhost:" + serverPort + "/hello", HttpMethod.OPTIONS, HttpEntity.EMPTY, Void.class); assertEquals(HttpStatus.OK, options.getStatusCode()); assertEquals(null, options.getHeaders().get("Access-Control-Allow-Origin")); assertEquals(null, options.getHeaders().get("Access-Control-Allow-Headers")); }
From source file:io.syndesis.runtime.KeycloakConfiguration.java
@Override @SuppressWarnings("PMD.SignatureDeclareThrowsException") protected void configure(HttpSecurity http) throws Exception { http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .sessionAuthenticationStrategy(sessionAuthenticationStrategy()).and() .addFilterBefore(keycloakPreAuthActionsFilter(), LogoutFilter.class) .addFilterBefore(keycloakAuthenticationProcessingFilter(), X509AuthenticationFilter.class) .exceptionHandling().authenticationEntryPoint(authenticationEntryPoint()).and().authorizeRequests() .antMatchers(HttpMethod.OPTIONS).permitAll().antMatchers("/api/v1/swagger.*").permitAll() .antMatchers("/api/v1/index.html").permitAll() .antMatchers(HttpMethod.GET, "/api/v1/credentials/callback").permitAll().antMatchers("/api/v1/**") .authenticated().antMatchers("/api/setup").authenticated().anyRequest().permitAll(); http.csrf().disable();/*from w w w .ja v a2s . c o m*/ }
From source file:com.frequentis.maritime.mcsr.config.SecurityConfiguration.java
@Override public void configure(WebSecurity web) throws Exception { log.debug("Configuring WebSecurity"); web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**").antMatchers("/app/**/*.{js,html}") .antMatchers("/bower_components/**").antMatchers("/i18n/**").antMatchers("/content/**") .antMatchers("/swagger-ui/index.html").antMatchers("/test/**").antMatchers("/h2-console/**"); }
From source file:ch.ge.ve.protopoc.config.WebSecurityConfigurer.java
@Override protected void configure(HttpSecurity httpSecurity) throws Exception { httpSecurity//from www .j a v a 2 s.c om // don't create session .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() // restrict access for some URLs .authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/**").permitAll() .antMatchers("/api/accounts/*").denyAll().antMatchers("/auth/login").permitAll().antMatchers("/") .permitAll().anyRequest().fullyAuthenticated().and() // JWT tokens are immune to CSRF, // see http://stackoverflow.com/questions/21357182/csrf-token-necessary-when-using-stateless-sessionless-authentication .csrf().disable(); // Custom JWT based security filter httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class); // disable page caching httpSecurity.headers().cacheControl(); }
From source file:cucumber.api.spring.test.web.servlet.MockMvcStepdefs.java
@When("^I perform an OPTIONS request on \"(.*?)\"$") public void i_perform_an_options_request_on(String uri) throws Throwable { i_perform_a_request_on(HttpMethod.OPTIONS, uri); }
From source file:net.eusashead.hateoas.response.argumentresolver.AsyncEntityControllerITCase.java
@Test public void testOptions() throws Exception { // Expected result HttpHeaders headers = new HttpHeaders(); Set<HttpMethod> allowedMethods = new TreeSet<HttpMethod>(); allowedMethods.addAll(Arrays.asList(HttpMethod.GET, HttpMethod.HEAD)); headers.setAllow(allowedMethods);//www. j av a 2 s .c o m ResponseEntity<Entity> expectedResult = new ResponseEntity<Entity>(new Entity("foo"), headers, HttpStatus.OK); // Execute asynchronously MvcResult mvcResult = this.mockMvc .perform(request(HttpMethod.OPTIONS, "http://localhost/async/foo") .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) .andExpect(request().asyncStarted()).andExpect(request().asyncResult(expectedResult)).andReturn(); // Perform asynchronous dispatch this.mockMvc.perform(asyncDispatch(mvcResult)).andDo(print()).andExpect(status().isOk()) .andExpect(content().contentType(new MediaType("application", "json", Charset.forName("UTF-8")))); }
From source file:com.logsniffer.event.publisher.http.HttpPublisherTest.java
@Test public void testOptions() throws PublishException { stubFor(options(urlEqualTo("/eventId/1234567890")).willReturn(aResponse().withStatus(201))); publisher.setMethod(HttpMethod.OPTIONS); publisher.setUrl("http://localhost:" + port + "/eventId/1234567890"); Event event = new Event(); event.setId("123"); publisher.publish(event);//from www .ja v a 2 s . c o m }
From source file:io.gravitee.management.security.config.basic.BasicSecurityConfigurerAdapter.java
@Override protected void configure(HttpSecurity http) throws Exception { final String jwtSecret = environment.getProperty("jwt.secret"); if (jwtSecret == null || jwtSecret.isEmpty()) { throw new IllegalStateException("JWT secret is mandatory"); }/*from w ww . ja v a 2 s. c o m*/ http.httpBasic().realmName("Gravitee.io Management API").and().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests() .antMatchers(HttpMethod.OPTIONS, "**").permitAll().antMatchers(HttpMethod.GET, "/user/**") .permitAll() // API requests .antMatchers(HttpMethod.GET, "/apis/**").permitAll().antMatchers(HttpMethod.POST, "/apis/**") .hasAnyAuthority("ADMIN", "API_PUBLISHER").antMatchers(HttpMethod.PUT, "/apis/**") .hasAnyAuthority("ADMIN", "API_PUBLISHER").antMatchers(HttpMethod.DELETE, "/apis/**") .hasAnyAuthority("ADMIN", "API_PUBLISHER") // Application requests .antMatchers(HttpMethod.POST, "/applications/**").hasAnyAuthority("ADMIN", "API_CONSUMER") .antMatchers(HttpMethod.PUT, "/applications/**").hasAnyAuthority("ADMIN", "API_CONSUMER") .antMatchers(HttpMethod.DELETE, "/applications/**").hasAnyAuthority("ADMIN", "API_CONSUMER") // Instance requests .antMatchers(HttpMethod.GET, "/instances/**").hasAuthority("ADMIN").anyRequest().authenticated() .and().csrf().disable().addFilterAfter(corsFilter(), AbstractPreAuthenticatedProcessingFilter.class) .addFilterBefore(new JWTAuthenticationFilter(jwtCookieGenerator, jwtSecret), BasicAuthenticationFilter.class) .addFilterAfter( new AuthenticationSuccessFilter(jwtCookieGenerator, jwtSecret, environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER), environment .getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER)), BasicAuthenticationFilter.class); }
From source file:com.frequentis.maritime.mcsr.config.SecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { //super.configure(http); log.debug("Configuring HttpSecurity"); log.debug("RememberMe service {}", rememberMeServices); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .sessionAuthenticationStrategy(sessionAuthenticationStrategy()).and() .addFilterBefore(basicAuthenticationFilter(), LogoutFilter.class) .addFilterBefore(new SkippingFilter(keycloakPreAuthActionsFilter()), LogoutFilter.class) .addFilterBefore(new SkippingFilter(keycloakAuthenticationProcessingFilter()), X509AuthenticationFilter.class) .exceptionHandling().authenticationEntryPoint(authenticationEntryPoint()).and() // .addFilterAfter(new CsrfCookieGeneratorFilter(), CsrfFilter.class) // .exceptionHandling() // .accessDeniedHandler(new CustomAccessDeniedHandler()) // .authenticationEntryPoint(authenticationEntryPoint) // .and() .rememberMe().rememberMeServices(rememberMeServices).rememberMeParameter("remember-me") .key(jHipsterProperties.getSecurity().getRememberMe().getKey()).and().formLogin() .loginProcessingUrl("/api/authentication").successHandler(ajaxAuthenticationSuccessHandler) .failureHandler(ajaxAuthenticationFailureHandler).usernameParameter("j_username") .passwordParameter("j_password").permitAll().and().logout().logoutUrl("/api/logout") .logoutSuccessHandler(ajaxLogoutSuccessHandler).deleteCookies("JSESSIONID", "CSRF-TOKEN") .permitAll().and().headers().frameOptions().disable().and().authorizeRequests() .antMatchers("/api/register").hasAuthority(AuthoritiesConstants.ADMIN) .antMatchers("/api/elasticsearch/**").permitAll().antMatchers("/api/activate").permitAll() .antMatchers("/api/authenticate").permitAll() .antMatchers("/api/account/reset_password/inactivateit").permitAll() .antMatchers("/api/account/reset_password/finish").permitAll().antMatchers("/api/profile-info") .permitAll().antMatchers("/websocket/tracker").hasAuthority(AuthoritiesConstants.ADMIN) .antMatchers("/websocket/**").permitAll().antMatchers("/management/**") .hasAuthority(AuthoritiesConstants.ADMIN).antMatchers("/v2/api-docs/**").permitAll() .antMatchers(HttpMethod.PUT, "/api/**").authenticated().antMatchers(HttpMethod.POST, "/api/**") .authenticated().antMatchers(HttpMethod.DELETE, "/api/**").authenticated() .antMatchers(HttpMethod.TRACE, "/api/**").authenticated().antMatchers(HttpMethod.HEAD, "/api/**") .authenticated().antMatchers(HttpMethod.PATCH, "/api/**").authenticated() .antMatchers(HttpMethod.OPTIONS, "/api/**").permitAll().antMatchers(HttpMethod.GET, "/api/**") .permitAll().antMatchers("/swagger-resources/configuration/ui").permitAll() .antMatchers("/swagger-ui/index.html").permitAll().and().csrf().disable(); }