Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity csrf

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity csrf

Introduction

This page collects usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity csrf.

Prototype

public CsrfConfigurer<HttpSecurity> csrf() throws Exception 

Source Link

Document

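Adds CSRF support. Note that every usage example below calls csrf().disable(), which switches that protection off rather than configuring it.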

Usage

From source file:com.jfillo.spring.samples.chatroom.config.ChatWebSecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, an X-Frame-Options SAMEORIGIN header,
 * public static resources, and form-based login/logout for everything else.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled although the application uses form login,
    // which normally relies on a session cookie. State-changing requests are then accepted
    // without a CSRF token; confirm this is intentional and compensated elsewhere.
    http.csrf().disable();

    // Allow framing only by pages of the same origin.
    XFrameOptionsHeaderWriter sameOriginFraming =
            new XFrameOptionsHeaderWriter(XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN);
    http.headers().addHeaderWriter(sameOriginFraming);

    // Static resources are public; every other request needs an authenticated user.
    http.authorizeRequests()
            .antMatchers("/resources/**").permitAll()
            .anyRequest().authenticated();

    http.formLogin()
            .defaultSuccessUrl("/index.html")
            .loginPage("/login.html")
            .failureUrl("/login.html?error")
            .permitAll();

    http.logout()
            .logoutSuccessUrl("/login.html?logout")
            .logoutUrl("/logout.html")
            .permitAll();
}

From source file:com.lyncode.dataencoder.security.spring.SecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, form login at {@code /login},
 * logout at {@code /logout}, and per-path authorization rules.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled while form login is in use; confirm that
    // state-changing endpoints (including /logout) are meant to work without a token.
    http.csrf().disable();

    http.formLogin()
            .passwordParameter("password")
            .usernameParameter("username")
            .loginPage("/login")
            .defaultSuccessUrl("/admin", true);

    http.logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl("/");

    // NOTE(review): there is no anyRequest() rule, so only the four exact paths below carry
    // an authorization rule. "/admin" has no wildcard; confirm whether paths beneath it
    // (for example "/admin/...") are protected by some other mechanism.
    http.authorizeRequests()
            .antMatchers("/").permitAll()
            .antMatchers("/login").not().authenticated()
            .antMatchers("/admin").authenticated()
            .antMatchers("/logout").authenticated();
}

From source file:com.restfiddle.config.security.SecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, public API/about/font paths,
 * form login at {@code /login}, and a logout that redirects to {@code /}.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled and "/api/**" is open to everyone at this
    // layer; confirm that the API enforces its own authentication and authorization.
    http.csrf().disable()
            .authorizeRequests()
                .antMatchers("/api/**", "/about", "/fonts/**").permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .failureUrl("/login?error")
                .permitAll()
                .and()
            .logout()
                .logoutSuccessUrl("/");
}

From source file:org.echocat.marquardt.example.SecurityConfiguration.java

/**
 * Builds the web security chain: CSRF protection off, role and authentication rules for the
 * example service, and a certificate authentication filter placed ahead of
 * {@link UsernamePasswordAuthenticationFilter}.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled; presumably requests are authenticated by the
    // certificate filter rather than a session cookie. Confirm against the filter.
    http.csrf().disable();

    // NOTE(review): the catch-all "/**" is permitAll, so any path the first two patterns miss
    // is public. "adminResource" is an exact match and "someProtectedResource**" has no "/"
    // before "**"; confirm whether nested paths below either resource should be covered.
    http.authorizeRequests()
            .antMatchers("/exampleservice/adminResource").hasRole("ADMIN")
            .antMatchers("/exampleservice/someProtectedResource**").authenticated()
            .antMatchers("/**").permitAll();

    http.addFilterBefore(certificateAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}

From source file:th.co.geniustree.intenship.advisor.config.SecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, form login served from
 * {@code /index.html} and processed at {@code /authentication}, logout at {@code /logout}
 * with the {@code JSESSIONID} cookie deleted, header handling disabled via
 * {@code frameOptions().disable()}, and authentication required for every request.
 *
 * <p>NOTE(review): CSRF protection is disabled while the application authenticates with a
 * login form and a JSESSIONID session cookie; state-changing requests are then accepted
 * without a CSRF token. Confirm this is intentional.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable().formLogin().loginPage("/index.html").loginProcessingUrl("/authentication")
            .usernameParameter("email").passwordParameter("password").defaultSuccessUrl("/index-template.html")
            .permitAll().and().logout().logoutUrl("/logout").logoutSuccessUrl("/index.html")
            .deleteCookies("JSESSIONID").permitAll().and().headers().frameOptions().disable()
            // NOTE(review): authorizeRequests() is chained directly onto disable() without the
            // and() that is commented out below. What disable() acts on here (only the
            // X-Frame-Options header, or the whole headers configurer) depends on the Spring
            // Security version in use; confirm which security headers are actually sent.
            //                .and()
            .authorizeRequests().anyRequest().authenticated();
}

From source file:com.xumpy.security.root.AppConfig.java

/**
 * Builds the web security chain: CSRF protection off, authority-based rules per path,
 * form login at {@code /login}, and logout at {@code /j_spring_security_logout}.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled while form login is in use; confirm that
    // state-changing requests are meant to be accepted without a token.
    http.csrf().disable();

    // NOTE(review): "/admin/**" requires the same "USER" authority as the ordinary areas;
    // confirm that no separate administrative authority is intended.
    http.authorizeRequests()
            .antMatchers("/timesheets/**").hasAnyAuthority("USER")
            .antMatchers("/finances/**").hasAnyAuthority("USER")
            .antMatchers("/json/**").hasAnyAuthority("USER")
            .antMatchers("/admin/**").hasAnyAuthority("USER")
            .antMatchers("/register/**").permitAll()
            .antMatchers("/resources/**").permitAll()
            .antMatchers("/login").permitAll()
            .anyRequest().authenticated();

    http.formLogin()
            .usernameParameter("username")
            .passwordParameter("password")
            .loginPage("/login")
            .loginProcessingUrl("/j_spring_security_check")
            .defaultSuccessUrl("/finances/overview", true)
            .failureUrl("/login?error")
            .permitAll();

    http.logout()
            .logoutUrl("/j_spring_security_logout")
            .logoutSuccessUrl("/login");
}

From source file:io.github.proxyprint.kitchen.config.WebSecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, OPTIONS requests open on every path,
 * {@code /api/**} restricted to the USER role, and HTTP Basic authentication.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled with HTTP Basic authentication. Browsers
    // resend Basic credentials automatically, so confirm no browser client relies on this API.
    http.csrf().disable();

    // NOTE(review): there is no anyRequest() rule; paths outside "/api/**" carry no
    // authorization rule in this chain. Confirm that is intended.
    http.authorizeRequests()
            .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
            .antMatchers("/api/**").hasRole("USER");

    http.httpBasic();
}

From source file:com.crec.controller.config.WebSecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, an X-Frame-Options SAMEORIGIN header,
 * form-based login/logout, public {@code /assets/**}, and authentication for everything else.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Refactor login form
    // NOTE(review): CSRF protection is disabled while form login is in use; confirm that
    // state-changing requests are meant to be accepted without a token.
    http.csrf().disable();

    // See https://jira.springsource.org/browse/SPR-11496
    XFrameOptionsHeaderWriter sameOriginFraming =
            new XFrameOptionsHeaderWriter(XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN);
    http.headers().addHeaderWriter(sameOriginFraming);

    http.formLogin()
            .defaultSuccessUrl("/index.html")
            .loginPage("/login.html")
            .failureUrl("/login.html?error")
            .permitAll();

    http.logout()
            .logoutSuccessUrl("/login.html?logout")
            .logoutUrl("/logout.html")
            .permitAll();

    // Static assets are public; every other request needs an authenticated user.
    http.authorizeRequests()
            .antMatchers("/assets/**").permitAll()
            .anyRequest().authenticated();
}

From source file:com.sms.server.config.SecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, role rules per path, HTTP Basic
 * authentication, and a stateless session policy.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled alongside a STATELESS session policy.
    // Browsers still resend HTTP Basic credentials automatically, so confirm that browser
    // clients are not expected to call the state-changing endpoints.
    http.csrf().disable();

    // Rules are listed in the original order: "/hls", "/dash" and "/stream/initialise/**"
    // require USER and come before the permitAll patterns covering the paths beneath them.
    // NOTE(review): confirm that "/hls/**", "/dash/**", "/stream/**" and "/image/**" are
    // meant to be reachable without authentication.
    http.authorizeRequests()
            .antMatchers("/admin/**").hasRole("ADMIN")
            .antMatchers("/user", "/user/**").hasRole("USER")
            .antMatchers("/media/**").hasRole("USER")
            .antMatchers("/settings/**").hasRole("USER")
            .antMatchers("/job/**").hasRole("USER")
            .antMatchers("/hls").hasRole("USER")
            .antMatchers("/hls/**").permitAll()
            .antMatchers("/dash").hasRole("USER")
            .antMatchers("/dash/**").permitAll()
            .antMatchers("/stream/initialise/**").hasRole("USER")
            .antMatchers("/stream/**").permitAll()
            .antMatchers("/image/**").permitAll()
            .anyRequest().authenticated();

    http.httpBasic();

    http.sessionManagement().sessionCreationPolicy(STATELESS);
}

From source file:io.github.autsia.crowly.config.SecurityConfig.java

/**
 * Builds the web security chain: CSRF protection off, public landing page, authentication
 * endpoints and resources, ADMIN-only user management, and form login served from {@code /}.
 *
 * @param http the builder to configure
 * @throws Exception if any configurer rejects its settings
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): CSRF protection is disabled while form login is in use; confirm that
    // state-changing requests, including those under "/rest/users/**", are meant to be
    // accepted without a token.
    http.csrf().disable();

    http.authorizeRequests()
            .antMatchers("/").permitAll()
            .antMatchers("/rest/authentication/**").permitAll()
            .antMatchers("/resources/**").permitAll()
            .antMatchers("/dashboard/users/**").hasRole("ADMIN")
            .antMatchers("/rest/users/**").hasRole("ADMIN")
            .anyRequest().authenticated();

    http.formLogin()
            .loginPage("/")
            .permitAll();
}