Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.annotation.web.builders.*
  5. HttpSecurity
  6. authorizeRequests

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests.

Prototype

public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests()
        throws Exception

Source Link

Document

Allows restricting access based upon the HttpServletRequest using <h2>Example Configurations</h2> The most basic example is to configure all URLs to require the role "ROLE_USER".

Usage

From source file:com.javiermoreno.springboot.rest.CustomSecurityAdapter.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/public/**", "/views/**", "/errores/**").permitAll()
            .antMatchers(HttpMethod.GET, "/credentials/**").hasRole("USER")
            .antMatchers(HttpMethod.GET, "/private/**").hasRole("ADMIN")
            //.access("hasRole('ROLE_ADMIN')")
            .anyRequest().authenticated().and().httpBasic();
}

From source file:com.mindfire.configurations.SecurityConfigurations.java

@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity.authorizeRequests().antMatchers("/").permitAll();
}

From source file:net.indialend.attendance.conf.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/branch/**").access("hasRole('ROLE_USER')").antMatchers("/staff/**")
            .access("hasRole('ROLE_USER')").and().formLogin().loginPage("/index").failureUrl("/index?error")
            .defaultSuccessUrl("/branch/list").usernameParameter("username").passwordParameter("password").and()
            .logout().logoutUrl("/logout").logoutSuccessUrl("/index?logout").and().csrf().disable();
}

From source file:br.com.edo.atmlist.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/atm/**").access("hasRole('ROLE_USER')").antMatchers("/list/**")
            .access("hasRole('ROLE_USER')").antMatchers("/home/**").access("hasRole('ROLE_USER')")
            .antMatchers("/**").access("hasRole('ROLE_USER')").and().formLogin().permitAll().and().logout()
            .logoutUrl("/logout").and().addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class).csrf()
            .csrfTokenRepository(csrfTokenRepository());
}

From source file:ca.n4dev.dev.worktime.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/tlogin").access("hasRole('ROLE_ADMIN')").antMatchers("/").anonymous()
            .antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')").antMatchers("/dba/**")
            .access("hasRole('ROLE_ADMIN') or hasRole('ROLE_DBA')").antMatchers("/time/**")
            .access("hasRole('ROLE_ADMIN')").and().formLogin();

}

From source file:istata.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll()
            .and().logout().permitAll().and().exceptionHandling()
            .authenticationEntryPoint(new AjaxAwareAuthenticationEntryPoint("/login"));
    ;/*from ww w  .  j a  va  2  s  .com*/

    // FIXME, we might want to have this enabled at some point ar at least
    // for some resources
    http.csrf().disable();
}

From source file:org.bob.web.applications.smlite.web.spring.utils.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/", "/home").permitAll().anyRequest().authenticated().and()
            .formLogin().loginPage("/login").permitAll().and().logout().permitAll();
}

From source file:org.kamranzafar.xmpp.template.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/resources/**").permitAll().anyRequest().authenticated().and()
            .formLogin()//.defaultSuccessUrl("/", true).successHandler(new LoginSuccessHandler())
            .loginPage("/login").permitAll().and().logout().permitAll();
}

From source file:org.zalando.stups.stupsback.admin.config.SecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/**").hasRole("USER").and().httpBasic();
}

From source file:com.boaglio.config.SecureConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().fullyAuthenticated().and().formLogin().loginPage("/login")
            .failureUrl("/login?error").permitAll().and().logout().permitAll();

    //logout configuration
    http.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
}