List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests
public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests() throws Exception
From source file:mynotesrzd.springboot.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers(HttpMethod.GET, "/api/mynotes/**").hasRole("MYNOTES_VIEW") .antMatchers(HttpMethod.POST, "/api/mynotes/**").hasRole("MYNOTES_CREATE") .antMatchers(HttpMethod.DELETE, "/api/mynotes/**").hasRole("MYNOTES_DELETE") .antMatchers(HttpMethod.PUT, "/api/mynotes/**").hasRole("MYNOTES_UPDATE") .antMatchers(HttpMethod.GET, "/api/user/**").hasRole("USER_VIEW").antMatchers("/lib/**").permitAll() .antMatchers("/scripts/**").permitAll().anyRequest().authenticated().and().formLogin() .loginPage("/login.html").defaultSuccessUrl("/").loginProcessingUrl("/login").permitAll().and() .logout().permitAll().and().csrf().disable(); }
From source file:com.example.config.ApplicationSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/", "/favicon.ico", "/resources/**", "/signup").permitAll() .anyRequest().authenticated().and().formLogin().loginPage("/signin").permitAll() .failureUrl("/signin?error=1").loginProcessingUrl("/authenticate").and().logout() .logoutUrl("/logout").permitAll().logoutSuccessUrl("/signin?logout").and().rememberMe() .rememberMeServices(rememberMeServices()).key("remember-me-key"); }
From source file:org.openmhealth.dsu.configuration.OAuth2ResourceServerConfiguration.java
@Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/v1.0.M1/dash/**").permitAll() // Allows Dashboard to make requests .anyRequest().authenticated().and().headers().addHeaderWriter((request, response) -> { if (request.getMethod().equals("OPTIONS")) { // Allows Dashboard to make requests response.addHeader("Access-Control-Allow-Origin", "https://mdash.cs.vassar.edu:8080"); response.setHeader("Access-Control-Allow-Methods", "GET"); response.setHeader("Access-Control-Allow-Headers", "accept, authorization, cache-control"); response.setHeader("Access-Control-Allow-Credentials", "true"); }/*from w ww. j a va 2s. c o m*/ }); }
From source file:com.example.AuthzApp.java
@Override protected void configure(final HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/", "/home").permitAll().anyRequest().authenticated().and() .formLogin().loginPage("/login").loginProcessingUrl("/login").failureUrl("/login?error") .defaultSuccessUrl("/home").usernameParameter("username").passwordParameter("password").permitAll() .and().logout().logoutUrl("/logout").logoutSuccessUrl("/home"); }
From source file:rest.SecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/resources/**").permitAll().and().exceptionHandling().and() .httpBasic();/*w w w. j a va 2 s. com*/ http.csrf().disable(); }
From source file:com.sapito.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/admin/**").hasAuthority("JEFE_DEPARTAMENTO_ROL") .antMatchers("/ventas/**").hasAnyAuthority("VENTAS").antMatchers("/recursoshumanos/**") .hasAuthority("RH").antMatchers("/gdaAlta/**").permitAll() //.antMatchers("/compras/*").access("hasRole('COMPRAS')") .and().formLogin().loginPage("/login").failureUrl("/login?error") .loginProcessingUrl("/j_spring_security_check").usernameParameter("username") .passwordParameter("password").and().logout().logoutSuccessUrl("/login?logout") .logoutUrl("/j_spring_security_logout").and().csrf().disable(); }
From source file:com.cami.spring.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/user/**/edit").authenticated().antMatchers("/user/**/editSimpleUser") .authenticated().antMatchers("/user/**/update").authenticated() .antMatchers("/user/**/**/updateSimpleUser").authenticated().antMatchers("/user/**/show") .access("hasRole('ROLE_ADMIN')").antMatchers("/user/**").access("hasRole('ROLE_ADMIN')") .antMatchers("/index.html").authenticated().antMatchers("/").authenticated().and().formLogin() .loginPage("/login").failureUrl("/login?error").usernameParameter("username") .passwordParameter("password").and().exceptionHandling().accessDeniedPage("/403").and().logout() .logoutSuccessUrl("/").and().csrf(); }
From source file:org.modeshape.example.springsecurity.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/static/**").permitAll().anyRequest().authenticated().and() .formLogin().defaultSuccessUrl("/jcr/").and().logout().and().httpBasic(); }
From source file:com.lixiaocong.security.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().permitAll().and().formLogin().loginPage("/signin") .defaultSuccessUrl("/blog").and().logout().logoutUrl("/logout").logoutSuccessUrl("/blog").and() .rememberMe().rememberMeParameter("remember-me").and().csrf().disable(); }
From source file:com.aplikasi.penjualan.config.KonfigurasiSecurity.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/css/**").permitAll().antMatchers("/js/**").permitAll() .antMatchers("/halo").hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER") .antMatchers("/karyawan/form").hasAnyRole("ADMIN", "STAFF").antMatchers("/karyawan/list") .hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER").antMatchers("/karyawan/view") .hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER").anyRequest().authenticated().and().formLogin() .loginPage("/login").permitAll().defaultSuccessUrl("/halo").and().logout().and() .addFilterAfter(new CsrfAttributeToCookieFilter(), CsrfFilter.class).csrf() .csrfTokenRepository(csrfTokenRepository()); }