List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity exceptionHandling
public ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling() throws Exception
From source file:org.ambraproject.wombat.config.SpringSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { if (runtimeConfiguration.getCasConfiguration().isPresent()) { http.addFilter(casAuthenticationFilter()).addFilterBefore(requestLogoutFilter(), LogoutFilter.class) .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class).authorizeRequests() .antMatchers(USER_AUTH_INTERCEPT_PATTERN).fullyAuthenticated().and().authorizeRequests() .requestMatchers(new RequestMatcher() { public boolean matches(HttpServletRequest request) { String path = "" + request.getServletPath() + request.getPathInfo(); String host = "" + request.getServerName().toLowerCase(); return (path != null && (path.contains("DesktopApertaRxiv") || host.contains("apertarxiv"))); }//from w w w .j ava2 s . com }).permitAll().and().authorizeRequests().antMatchers(NEW_COMMENT_AUTH_INTERCEPT_PATTERN) .fullyAuthenticated().and().authorizeRequests().antMatchers(FLAG_COMMENT_AUTH_INTERCEPT_PATTERN) .fullyAuthenticated(); http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint()); http.csrf().disable(); } }
From source file:org.opentestsystem.ap.iat.config.SecurityConfig.java
/** * Defines the web based security configuration. * * @param http It allows configuring web based security for specific http requests. * @throws Exception//from w w w.ja va2s. c om */ @Override protected void configure(HttpSecurity http) throws Exception { http.httpBasic().authenticationEntryPoint(samlEntryPoint()); http.csrf().disable(); http.addFilterBefore(forwardedHeaderFilter(), ChannelProcessingFilter.class) .addFilterAfter(metadataGeneratorFilter(), ForwardedHeaderFilter.class) .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class); http.headers().frameOptions().sameOrigin(); http.authorizeRequests() .antMatchers("/saml/**", "/manage/**/health**", "/manage/**/info**", "/assets/**", "**.js", "favicon.**", "/fontawesome**", "/glyphicons**", "/api/sec/**", "/api/ivs/**", "/error/403.html", "/keepalive") .permitAll(); http.authorizeRequests().antMatchers("/**").hasAnyRole("ADMIN", "USER"); http.logout().logoutSuccessUrl("/"); http.exceptionHandling().accessDeniedHandler(accessDeniedHandler()); }