List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity formLogin
public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception
From source file:cn.org.once.cstack.config.SecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { // Login Form http.formLogin().loginProcessingUrl("/user/authentication").successHandler(ajaxAuthenticationSuccessHandler) .failureHandler(ajaxAuthenticationFailureHandler).usernameParameter("j_username") .passwordParameter("j_password").permitAll(); // Logout/*from w w w .j a v a 2 s . c om*/ http.logout().logoutUrl("/user/logout").logoutSuccessHandler(ajaxLogoutSuccessHandler) .deleteCookies("JSESSIONID", "XSRF-TOKEN", "isLogged").invalidateHttpSession(true).permitAll(); // CSRF protection // enable for any profils activateProtectionCRSF(http); // enable for any profils disableProtectionCRSF(http); // Routes security http.authorizeRequests().antMatchers("/gitlab/**").permitAll().antMatchers("/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").and().exceptionHandling() .authenticationEntryPoint(authenticationEntryPoint); if ("true".equals(System.getProperty("httpsOnly"))) { logger.info("launching the application in HTTPS-only mode"); http.requiresChannel().anyRequest().requiresSecure(); } }
From source file:docs.security.RememberMeSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { http/* ww w . ja va 2s.com*/ // ... additional configuration ... .rememberMe().rememberMeServices(rememberMeServices()); // end::http-rememberme[] http.formLogin().and().authorizeRequests().anyRequest().authenticated(); }
From source file:ru.langboost.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { // http.authorizeRequests() // .antMatchers("/protected/**").access("hasRole('ROLE_ADMIN')"); http.csrf().disable();// http.formLogin().loginPage("/login").defaultSuccessUrl("/", false); http.httpBasic().realmName("Protected API"); // http.authorizeRequests().anyRequest(); }
From source file:fr.treeptik.cloudunit.config.SecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { // Login Form http.formLogin().loginProcessingUrl("/user/authentication").successHandler(ajaxAuthenticationSuccessHandler) .failureHandler(ajaxAuthenticationFailureHandler).usernameParameter("j_username") .passwordParameter("j_password").permitAll(); // Logout/*from w w w . ja va 2 s. c o m*/ http.logout().logoutUrl("/user/logout").logoutSuccessHandler(ajaxLogoutSuccessHandler) .deleteCookies("JSESSIONID", "XSRF-TOKEN", "isLogged").invalidateHttpSession(true).permitAll(); // CSRF protection // enable for any profils activateProtectionCRSF(http); // enable for any profils disableProtectionCRSF(http); // Routes security http.authorizeRequests().antMatchers("/application/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") .antMatchers("/server/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/module/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/file/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/image/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/user/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/logs/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/snapshot/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/monitoring/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/messages/**") .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/admin/**").hasAnyAuthority("ROLE_ADMIN") .antMatchers("/user/check", "/nopublic/**").permitAll().and().exceptionHandling() .authenticationEntryPoint(authenticationEntryPoint); if ("true".equals(System.getProperty("httpsOnly"))) { logger.info("launching the application in HTTPS-only mode"); http.requiresChannel().anyRequest().requiresSecure(); } }
From source file:de.pksoftware.springstrap.core.config.WebSecurityConfigBase.java
protected void configureFormLogin(HttpSecurity http) throws Exception { // Form Login http.formLogin() //Processing Url .loginProcessingUrl(SpringstrapConfiguration.DEFAULT_FORM_LOGIN_PROCESSING_URL) //Success and failure handlers .successHandler(formLoginSuccessHandlerBean()).failureHandler(formLoginFailureHandlerBean()) //Username and password parameter .usernameParameter(SpringstrapConfiguration.DEFAULT_FORM_LOGIN_USERNAME_PARAMETER) .passwordParameter(SpringstrapConfiguration.DEFAULT_FORM_LOGIN_PASSWORD_PARAMETER) //Everybody can see the login page .permitAll(true);/*from w ww . jav a 2 s .c o m*/ }
From source file:com.searchbox.framework.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { if (env.getProperty(USE_SECURITY, Boolean.class, false)) { http // Configures form login .formLogin().loginPage("/").loginProcessingUrl("/login/authenticate") .failureUrl("/?error=bad_credentials").and() // Configures the logout function .logout().deleteCookies("JSESSIONID").logoutUrl("/logout").logoutSuccessUrl("/").and() // Configures url based authorization .authorizeRequests()// w w w .j a v a 2s . co m // Anyone can access the urls .antMatchers("/", "/*", "/oppfin/**", "/auth/**", "/login/**", "/signin/**", "/signup/**", "/user/register/**", "/user/auth0Login/**", "/user/reset/**", "/portal/**", "/callback", "/user/resetPassword/**") .permitAll() // The system part is protected .antMatchers("/system/**").hasAnyRole("SYSTEM") // The admin part is protected .antMatchers("/admin/**").hasAnyRole("SYSTEM", "ADMIN") // The rest of the our application is protected. .antMatchers("/**", "/favorite/**").hasAnyRole("SYSTEM", "ADMIN", "USER").and() // Adds the SocialAuthenticationFilter to Spring Security's // filter chain. .apply(new SpringSocialConfigurer()).and().openidLogin().loginPage("/") .loginProcessingUrl("/login/openid").failureUrl("/?error=openid_fail").permitAll() .authenticationUserDetailsService(openIdUserDetailsService()) .attributeExchange("https://www.google.com/.*").attribute("email") .type("http://axschema.org/contact/email").required(true).and().attribute("firstname") .type("http://axschema.org/namePerson/first").required(true).and().attribute("lastname") .type("http://axschema.org/namePerson/last").required(true).and().and() .attributeExchange(".*yahoo.com.*").attribute("email").type("http://axschema.org/contact/email") .required(true).and().attribute("fullname").type("http://axschema.org/namePerson") .required(true).and().and().attributeExchange(".*myopenid.com.*").attribute("email") .type("http://schema.openid.net/contact/email").required(true).and().attribute("fullname") .type("http://schema.openid.net/namePerson").required(true); } }
From source file:shiver.me.timbers.spring.security.integration.AllAnnotationAuthenticationConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/all/**"); http.csrf().disable();//from w w w. j a v a 2s . c om http.authorizeRequests().antMatchers("/all/one").access("hasRole('ONE')").antMatchers("/all/two") .access("hasRole('TWO')").anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/all/signIn") .permitAll(); http.logout().logoutUrl("/all/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:it.f2informatica.webapp.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers(HttpMethod.GET, "/login*").permitAll() .antMatchers(HttpMethod.GET, "/static/**").access("isAnonymous() or isAuthenticated()") .antMatchers(HttpMethod.GET, "/**").authenticated(); http.formLogin().loginPage("/login").loginProcessingUrl("/processLogin").usernameParameter("username") .passwordParameter("password").defaultSuccessUrl("/home", true).failureUrl("/login_failed"); }
From source file:shiver.me.timbers.spring.security.integration.StormpathAuthenticationConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.antMatcher("/stormpath/**"); http.csrf().disable();/*from w w w . j ava 2 s . com*/ http.authorizeRequests().antMatchers("/stormpath/one").access("hasRole('ONE')") .antMatchers("/stormpath/two").access("hasRole('TWO')").anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/stormpath/signIn") .permitAll(); http.logout().logoutUrl("/stormpath/signOut") .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }
From source file:shiver.me.timbers.spring.security.integration.AllApplyAuthenticationConfiguration.java
@Override protected final void configure(HttpSecurity http) throws Exception { http.apply(jwt());/*from ww w. j a v a2 s .c o m*/ http.antMatcher("/all/**"); http.csrf().disable(); http.authorizeRequests().antMatchers("/all/one").access("hasRole('ONE')").antMatchers("/all/two") .access("hasRole('TWO')").anyRequest().authenticated(); http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/all/signIn") .permitAll(); http.logout().logoutUrl("/all/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()); }