List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity csrf
public CsrfConfigurer<HttpSecurity> csrf() throws Exception
From source file:io.getlime.security.powerauth.app.rest.api.spring.configuration.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.httpBasic().disable();//from ww w. java 2s. c o m http.csrf().disable(); http.authorizeRequests().antMatchers("/secured/**").fullyAuthenticated(); http.exceptionHandling().authenticationEntryPoint(apiAuthenticationEntryPoint); }
From source file:shiver.me.timbers.spring.security.integration.AllAnnotationAuthenticationConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/all/**"); http.csrf().disable(); http.authorizeRequests().antMatchers("/all/one").access("hasRole('ONE')").antMatchers("/all/two") .access("hasRole('TWO')").anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/all/signIn") .permitAll();//from www . j a va 2 s . c om http.logout().logoutUrl("/all/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:shiver.me.timbers.spring.security.integration.SpringSecurityConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/normal/**"); http.csrf().disable(); http.authorizeRequests().anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/normal/signIn") .permitAll();/*from www . j av a2 s.co m*/ http.logout().logoutUrl("/normal/signOut") .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:opensnap.config.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() // Refactor login form .formLogin().loginPage("/index.html").loginProcessingUrl("/login") .successHandler(authenticationSuccessHandler).failureHandler(authenticationFailureHandler) .permitAll().and().logout().logoutSuccessHandler(logoutSuccessHandler).permitAll().and() .authorizeRequests().antMatchers("/autoconfig**", "/beans**", "/configprops**", "/dump**", "/env**", "/metrics**", "/mappings**", "/shutdown**", "/trace**") .hasAuthority("ADMIN").anyRequest().permitAll(); }
From source file:com.teradata.benchto.service.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { if (isApiProtected) { http.csrf().disable().authorizeRequests().antMatchers("/**").permitAll().and().antMatcher("/v1/**") .authorizeRequests()/*from w w w . ja v a 2 s.com*/ .requestMatchers( (httpServletRequest) -> httpServletRequest.getMethod().equalsIgnoreCase("POST")) .hasAnyRole(API_WRITE_ROLE).and().httpBasic(); } else { http.csrf().disable().authorizeRequests().anyRequest().permitAll(); } }
From source file:shiver.me.timbers.spring.security.integration.JwtCustomPrincipleSecurityConfigurationAnnotation.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/custom/**"); http.csrf().disable(); http.authorizeRequests().anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/custom/signIn") .permitAll();/* ww w . j a v a 2 s . co m*/ http.logout().logoutUrl("/custom/signOut") .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:shiver.me.timbers.spring.security.integration.StormpathAuthenticationConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/stormpath/**"); http.csrf().disable(); http.authorizeRequests().antMatchers("/stormpath/one").access("hasRole('ONE')") .antMatchers("/stormpath/two").access("hasRole('TWO')").anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/stormpath/signIn") .permitAll();//from w w w .jav a2 s. c o m http.logout().logoutUrl("/stormpath/signOut") .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:ch.rasc.s4ws.portfolio.config.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.csrf().disable() // See https://jira.springsource.org/browse/SPR-11496 .headers()// w ww.j a v a 2 s .com .addHeaderWriter( new XFrameOptionsHeaderWriter(XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN)) .and() .formLogin().defaultSuccessUrl("/portfolio/index.html").loginPage("/portfolio/login.html") .failureUrl("/portfolio/login.html?error").permitAll().and().logout() .logoutSuccessUrl("/portfolio/login.html?logout").logoutUrl("/portfolio/logout.html").permitAll() .and().authorizeRequests().antMatchers("/portfolio/login.css").permitAll() .antMatchers("/portfolio/**").authenticated().and(); // @formatter:on }
From source file:com.mycompany.springboot.config.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic(); // http/*from ww w.j a va 2s. co m*/ // .csrf() // .disable() // .authorizeRequests() // .anyRequest() // .authenticated() // .and() // .formLogin() // .permitAll() // .and() // .logout() // .permitAll(); // http // .csrf() // .disable() // .authorizeRequests() // .anyRequest() // .authenticated() // .and() // .formLogin() // .loginPage("/login") // .permitAll() // .and() // .logout() // .permitAll(); }
From source file:fi.helsinki.opintoni.config.LocalSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint); http.formLogin().permitAll().loginPage("/login").loginProcessingUrl("/login").usernameParameter("username") .passwordParameter("password").successHandler(authSuccessHandler) .failureHandler(authFailureHandler); http.logout().logoutUrl("/logout").permitAll().logoutSuccessHandler(localLogoutSuccessHandler); http.sessionManagement().maximumSessions(1); http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/error").permitAll() .antMatchers("/login").permitAll().antMatchers("/redirect").permitAll() .antMatchers("/api/public/v1/**").permitAll().antMatchers("/api/private/v1/admin/*") .hasIpAddress("127.0.0.1").antMatchers("/api/admin/**").access(Constants.ADMIN_ROLE_REQUIRED) .anyRequest().authenticated(); }