Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests.

Prototype

public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests()
        throws Exception

Source Link

Document

Allows restricting access based upon the HttpServletRequest using <h2>Example Configurations</h2> The most basic example is to configure all URLs to require the role "ROLE_USER".

Usage

From source file:waffle.spring.boot.demo.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().authenticated().and()
            .addFilterBefore(filter, BasicAuthenticationFilter.class).exceptionHandling()
            .authenticationEntryPoint(entryPoint);
}

From source file:com.vaadinspring.components.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/maga").anonymous().antMatchers("/#!main").access("hasRole('user')")
            .antMatchers("/#!admin").access("hasRole('admin')").and().formLogin().loginPage("/")
            .loginProcessingUrl("/login").defaultSuccessUrl("/#!main").failureUrl("/error")
            .usernameParameter("username").passwordParameter("password").and().logout()
            .logoutSuccessUrl("/logout").and().exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/main")).and().csrf().disable();

}

From source file:com.revze.crudspring.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers(HttpMethod.GET, "/api/catatan/**").hasRole("CATATAN_VIEW")
            .antMatchers(HttpMethod.POST, "/api/catatan/**").hasRole("CATATAN_CREATE")
            .antMatchers(HttpMethod.DELETE, "/api/catatan/**").hasRole("CATATAN_DELETE")
            .antMatchers(HttpMethod.PUT, "/api/catatan/**").hasRole("CATATAN_UPDATE").antMatchers("/lib/**")
            .permitAll().antMatchers("/scripts/**").permitAll().anyRequest().authenticated().and().formLogin()
            .loginPage("/login.html").defaultSuccessUrl("/").loginProcessingUrl("/login").permitAll().and()
            .logout().permitAll().and().csrf().disable();
}

From source file:com.ar.dev.tierra.api.config.WebSecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/**").authenticated();
}

From source file:hu.fnf.devel.wishbox.gateway.SecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().fullyAuthenticated();

    http.httpBasic();//from w w  w  .jav a  2 s  .com

    http.csrf().disable();
}

From source file:io.spring.springoverflow.configuration.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/**").permitAll();

    http.formLogin().loginPage("/login").permitAll().and().logout().logoutSuccessUrl("/").permitAll();
}

From source file:org.statefulj.demo.ddd.config.AppSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/css/**/*").permitAll().antMatchers("/").permitAll()
            .antMatchers("/registration").permitAll().antMatchers("/customer/register").permitAll().anyRequest()
            .authenticated().and().formLogin().defaultSuccessUrl("/customer").loginPage("/login").permitAll()
            .and().logout().logoutUrl("/logout")
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET")).logoutSuccessUrl("/");
}

From source file:org.statefulj.webapp.config.AppSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/css/**/*").permitAll().antMatchers("/").permitAll()
            .antMatchers("/registration").permitAll().antMatchers("/user/register").permitAll().anyRequest()
            .authenticated().and().formLogin().defaultSuccessUrl("/user").loginPage("/login").permitAll().and()
            .logout().logoutUrl("/logout").logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET"))
            .logoutSuccessUrl("/");
}

From source file:com.github.djabry.platform.rest.config.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().permitAll().and().csrf().disable().exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
            //.formLogin().defaultSuccessUrl("/").permitAll()
            .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/")
            .permitAll();//  w  ww .  ja  va 2s  .  c o m
}

From source file:customer.springboot.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers(HttpMethod.GET, "/api/customer/**").hasRole("CUSTOMER_VIEW")
            .antMatchers(HttpMethod.POST, "/api/customer/**").hasRole("CUSTOMER_CREATE")
            .antMatchers(HttpMethod.DELETE, "/api/customer/**").hasRole("CUSTOMER_DELETE")
            .antMatchers(HttpMethod.PUT, "/api/customer/**").hasRole("CUSTOMER_UPDATE")
            .antMatchers(HttpMethod.GET, "/api/user/**").hasRole("USER_VIEW").antMatchers("/lib/**").permitAll()
            .antMatchers("/scripts/**").permitAll().anyRequest().authenticated().and().formLogin()
            .loginPage("/login.html").defaultSuccessUrl("/").loginProcessingUrl("/login").permitAll().and()
            .logout().permitAll().and().csrf().disable();
}