Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity exceptionHandling

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity exceptionHandling

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.annotation.web.builders.*
  5. HttpSecurity
  6. exceptionHandling

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity exceptionHandling.

Prototype

public ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling() throws Exception

Source Link

Document

Allows configuring exception handling.

Usage

From source file:org.ambraproject.wombat.config.SpringSecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    if (runtimeConfiguration.getCasConfiguration().isPresent()) {
        http.addFilter(casAuthenticationFilter()).addFilterBefore(requestLogoutFilter(), LogoutFilter.class)
                .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class).authorizeRequests()
                .antMatchers(USER_AUTH_INTERCEPT_PATTERN).fullyAuthenticated().and().authorizeRequests()
                .requestMatchers(new RequestMatcher() {
                    public boolean matches(HttpServletRequest request) {
                        String path = "" + request.getServletPath() + request.getPathInfo();
                        String host = "" + request.getServerName().toLowerCase();
                        return (path != null
                                && (path.contains("DesktopApertaRxiv") || host.contains("apertarxiv")));
                    }//from w  w w  .j  ava2 s .  com
                }).permitAll().and().authorizeRequests().antMatchers(NEW_COMMENT_AUTH_INTERCEPT_PATTERN)
                .fullyAuthenticated().and().authorizeRequests().antMatchers(FLAG_COMMENT_AUTH_INTERCEPT_PATTERN)
                .fullyAuthenticated();

        http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint());
        http.csrf().disable();
    }
}

From source file:org.opentestsystem.ap.iat.config.SecurityConfig.java

/**
 * Defines the web based security configuration.
 *
 * @param http It allows configuring web based security for specific http requests.
 * @throws Exception//from   w  w w.ja va2s.  c  om
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(forwardedHeaderFilter(), ChannelProcessingFilter.class)
            .addFilterAfter(metadataGeneratorFilter(), ForwardedHeaderFilter.class)
            .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
    http.headers().frameOptions().sameOrigin();
    http.authorizeRequests()
            .antMatchers("/saml/**", "/manage/**/health**", "/manage/**/info**", "/assets/**", "**.js",
                    "favicon.**", "/fontawesome**", "/glyphicons**", "/api/sec/**", "/api/ivs/**",
                    "/error/403.html", "/keepalive")
            .permitAll();
    http.authorizeRequests().antMatchers("/**").hasAnyRole("ADMIN", "USER");
    http.logout().logoutSuccessUrl("/");

    http.exceptionHandling().accessDeniedHandler(accessDeniedHandler());
}