Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.annotation.web.builders.*
  5. HttpSecurity
  6. authorizeRequests

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests.

Prototype

public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests()
        throws Exception

Source Link

Document

Allows restricting access based upon the HttpServletRequest using <h2>Example Configurations</h2> The most basic example is to configure all URLs to require the role "ROLE_USER".

Usage

From source file:mynotesrzd.springboot.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers(HttpMethod.GET, "/api/mynotes/**").hasRole("MYNOTES_VIEW")
            .antMatchers(HttpMethod.POST, "/api/mynotes/**").hasRole("MYNOTES_CREATE")
            .antMatchers(HttpMethod.DELETE, "/api/mynotes/**").hasRole("MYNOTES_DELETE")
            .antMatchers(HttpMethod.PUT, "/api/mynotes/**").hasRole("MYNOTES_UPDATE")
            .antMatchers(HttpMethod.GET, "/api/user/**").hasRole("USER_VIEW").antMatchers("/lib/**").permitAll()
            .antMatchers("/scripts/**").permitAll().anyRequest().authenticated().and().formLogin()
            .loginPage("/login.html").defaultSuccessUrl("/").loginProcessingUrl("/login").permitAll().and()
            .logout().permitAll().and().csrf().disable();
}

From source file:com.example.config.ApplicationSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/", "/favicon.ico", "/resources/**", "/signup").permitAll()
            .anyRequest().authenticated().and().formLogin().loginPage("/signin").permitAll()
            .failureUrl("/signin?error=1").loginProcessingUrl("/authenticate").and().logout()
            .logoutUrl("/logout").permitAll().logoutSuccessUrl("/signin?logout").and().rememberMe()
            .rememberMeServices(rememberMeServices()).key("remember-me-key");

}

From source file:org.openmhealth.dsu.configuration.OAuth2ResourceServerConfiguration.java

@Override
public void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/v1.0.M1/dash/**").permitAll() // Allows Dashboard to make requests
            .anyRequest().authenticated().and().headers().addHeaderWriter((request, response) -> {
                if (request.getMethod().equals("OPTIONS")) { // Allows Dashboard to make requests
                    response.addHeader("Access-Control-Allow-Origin", "https://mdash.cs.vassar.edu:8080");
                    response.setHeader("Access-Control-Allow-Methods", "GET");
                    response.setHeader("Access-Control-Allow-Headers", "accept, authorization, cache-control");
                    response.setHeader("Access-Control-Allow-Credentials", "true");
                }/*from w ww. j  a  va  2s.  c  o m*/
            });
}

From source file:com.example.AuthzApp.java

@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/", "/home").permitAll().anyRequest().authenticated().and()
            .formLogin().loginPage("/login").loginProcessingUrl("/login").failureUrl("/login?error")
            .defaultSuccessUrl("/home").usernameParameter("username").passwordParameter("password").permitAll()
            .and().logout().logoutUrl("/logout").logoutSuccessUrl("/home");
}

From source file:rest.SecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/resources/**").permitAll().and().exceptionHandling().and()
            .httpBasic();/*w  w w.  j a va 2 s.  com*/

    http.csrf().disable();
}

From source file:com.sapito.config.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/admin/**").hasAuthority("JEFE_DEPARTAMENTO_ROL")
            .antMatchers("/ventas/**").hasAnyAuthority("VENTAS").antMatchers("/recursoshumanos/**")
            .hasAuthority("RH").antMatchers("/gdaAlta/**").permitAll()
            //.antMatchers("/compras/*").access("hasRole('COMPRAS')")
            .and().formLogin().loginPage("/login").failureUrl("/login?error")
            .loginProcessingUrl("/j_spring_security_check").usernameParameter("username")
            .passwordParameter("password").and().logout().logoutSuccessUrl("/login?logout")
            .logoutUrl("/j_spring_security_logout").and().csrf().disable();

}

From source file:com.cami.spring.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/user/**/edit").authenticated().antMatchers("/user/**/editSimpleUser")
            .authenticated().antMatchers("/user/**/update").authenticated()
            .antMatchers("/user/**/**/updateSimpleUser").authenticated().antMatchers("/user/**/show")
            .access("hasRole('ROLE_ADMIN')").antMatchers("/user/**").access("hasRole('ROLE_ADMIN')")
            .antMatchers("/index.html").authenticated().antMatchers("/").authenticated().and().formLogin()
            .loginPage("/login").failureUrl("/login?error").usernameParameter("username")
            .passwordParameter("password").and().exceptionHandling().accessDeniedPage("/403").and().logout()
            .logoutSuccessUrl("/").and().csrf();

}

From source file:org.modeshape.example.springsecurity.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/static/**").permitAll().anyRequest().authenticated().and()
            .formLogin().defaultSuccessUrl("/jcr/").and().logout().and().httpBasic();
}

From source file:com.lixiaocong.security.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().permitAll().and().formLogin().loginPage("/signin")
            .defaultSuccessUrl("/blog").and().logout().logoutUrl("/logout").logoutSuccessUrl("/blog").and()
            .rememberMe().rememberMeParameter("remember-me").and().csrf().disable();
}

From source file:com.aplikasi.penjualan.config.KonfigurasiSecurity.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/css/**").permitAll().antMatchers("/js/**").permitAll()
            .antMatchers("/halo").hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER")
            .antMatchers("/karyawan/form").hasAnyRole("ADMIN", "STAFF").antMatchers("/karyawan/list")
            .hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER").antMatchers("/karyawan/view")
            .hasAnyRole("ADMIN", "STAFF", "MANAGER", "ENGINEER").anyRequest().authenticated().and().formLogin()
            .loginPage("/login").permitAll().defaultSuccessUrl("/halo").and().logout().and()
            .addFilterAfter(new CsrfAttributeToCookieFilter(), CsrfFilter.class).csrf()
            .csrfTokenRepository(csrfTokenRepository());
}