Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity regexMatcher

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity regexMatcher

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity regexMatcher.

Prototype

public HttpSecurity regexMatcher(String pattern) 


Document

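Allows configuring the HttpSecurity to only be invoked when the request matches the provided regex pattern. Requests that do not match are not handled by this HttpSecurity's filter chain at all, so none of its authentication, authorization or CSRF settings apply to them; they must be covered by another security configuration.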

Usage

From source file:com.netflix.genie.web.security.SecurityUtils.java

/**
 * Configure the security filter chain shared by the REST API endpoints.
 *
 * <p>The chain is restricted to request paths matching {@code (/api/.*)}. Within it, the
 * DELETE, PATCH, POST and PUT methods on the application, cluster and command resources
 * require {@code ADMIN_ROLE}; every other request handled by the chain requires
 * {@code USER_ROLE}. Callers are authenticated with X.509 client certificates.
 *
 * <p>Rule order is significant: the admin rules are registered before the
 * {@code anyRequest()} catch-all, so they are evaluated first.
 *
 * @param http                   The http security object to configure
 * @param x509UserDetailsService The user details service used to resolve the certificate principal
 * @param actuatorEndpoint       The endpoint where the Spring Actuator sits. NOTE(review): not
 *                               referenced by the active configuration; only a disabled matcher
 *                               used it, so this chain does not protect the actuator paths -
 *                               confirm they are secured by another configuration.
 * @throws Exception if one of the HttpSecurity configurers cannot be set up
 */
public static void buildAPIHttpSecurity(
        @NotNull final HttpSecurity http,
        @NotNull final X509UserDetailsService x509UserDetailsService,
        @NotBlank final String actuatorEndpoint
) throws Exception {
    // Only /api/ paths enter this chain. A previous, now disabled, pattern also selected
    // everything below the actuator endpoint except its health path.
    http.regexMatcher("(/api/.*)");

    // @formatter:off
    // Mutating verbs on the three resource collections are admin-only; the trailing
    // anyRequest() rule is the fallback, so nothing inside the chain is left without a rule.
    http.authorizeRequests()
            .regexMatchers(HttpMethod.DELETE, APPLICATIONS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PATCH, APPLICATIONS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.POST, APPLICATIONS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PUT, APPLICATIONS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.DELETE, CLUSTERS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PATCH, CLUSTERS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.POST, CLUSTERS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PUT, CLUSTERS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.DELETE, COMMANDS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PATCH, COMMANDS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.POST, COMMANDS_API_REGEX).hasRole(ADMIN_ROLE)
            .regexMatchers(HttpMethod.PUT, COMMANDS_API_REGEX).hasRole(ADMIN_ROLE)
            .anyRequest().hasRole(USER_ROLE);
    // @formatter:on

    // Authenticate through the client certificate presented on the TLS connection.
    http.x509().authenticationUserDetailsService(x509UserDetailsService);

    // NEVER stops Spring Security from creating a session but still honours one that
    // already exists.
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);

    // Do not remember the original request across an authentication round trip.
    http.requestCache().requestCache(new NullRequestCache());

    // NOTE(review): CSRF protection is switched off and this chain does not force HTTPS
    // (a requiresChannel().anyRequest().requiresSecure() step is disabled). Browsers attach
    // client certificates automatically, so confirm that only non-browser clients reach
    // these endpoints and that TLS is enforced elsewhere.
    http.csrf().disable();
}

From source file:com.hp.autonomy.frontend.find.hod.beanconfiguration.InMemoryHodSecurity.java

/**
 * Configure the form-login filter chain for the in-memory (non-SSO) setup.
 *
 * <p>The chain handles requests matching {@code /p/.*}, {@code /config/.*},
 * {@code /authenticate} and {@code /logout}. Paths under {@code /p/**} require the ADMIN
 * role and {@code FindController.CONFIG_PATH} requires the CONFIG role.
 *
 * <p>NOTE(review): there is no {@code anyRequest()} fallback, so a request that enters the
 * chain but matches neither rule has no access restriction. That is expected for
 * {@code /authenticate} and {@code /logout}; whether every {@code /config/...} path is
 * covered depends on the value of {@code CONFIG_PATH}, which is not visible here - confirm.
 *
 * @param http the security builder to configure
 * @throws Exception if one of the HttpSecurity configurers cannot be set up
 */
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    final AuthenticationSuccessHandler loginSuccessHandler = new LoginSuccessHandler(
            FindRole.CONFIG.toString(),
            FindController.CONFIG_PATH,
            "/p/");

    // Only requests to the protected areas are saved for replay after a successful login.
    final HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
    requestCache.setRequestMatcher(new OrRequestMatcher(
            new AntPathRequestMatcher("/p/**"),
            new AntPathRequestMatcher(FindController.CONFIG_PATH)));

    // NOTE(review): the regex matcher is compared against the full path including any query
    // string, so the exact alternatives /authenticate and /logout select only requests
    // without a query string - confirm that is intended.
    http.regexMatcher("/p/.*|/config/.*|/authenticate|/logout");

    // Order matters: the first matching rule decides.
    http.authorizeRequests()
            .antMatchers("/p/**").hasRole(FindRole.ADMIN.name())
            .antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name());

    http.requestCache().requestCache(requestCache);

    final String loginFailureUrl = FindController.DEFAULT_LOGIN_PAGE + "?error=auth";
    http.formLogin()
            .loginPage(FindController.DEFAULT_LOGIN_PAGE)
            .loginProcessingUrl("/authenticate")
            .successHandler(loginSuccessHandler)
            .failureUrl(loginFailureUrl);

    final HodLogoutSuccessHandler logoutHandler = new HodLogoutSuccessHandler(
            new HodTokenLogoutSuccessHandler(SsoController.SSO_LOGOUT_PAGE, tokenRepository),
            FindController.APP_PATH);
    http.logout().logoutSuccessHandler(logoutHandler);

    // NOTE(review): CSRF protection is disabled on a chain that uses form login and a
    // session-backed request cache. State-changing requests under /p/ and /config/ then rely
    // on the session alone - confirm another control (e.g. same-site cookies or an
    // application-level token) covers this.
    http.csrf().disable();
}

From source file:com.hp.autonomy.frontend.find.hod.beanconfiguration.HodSecurity.java

/**
 * Configure the SSO filter chain.
 *
 * <p>The chain handles requests matching {@code /public/.*}, {@code /sso},
 * {@code /authenticate-sso}, {@code /api/authentication/.*} and {@code /logout}.
 * Unauthenticated callers are sent to the SSO entry point, and an
 * {@link SsoAuthenticationFilter} is registered after the pre-authenticated processing
 * filter position.
 *
 * <p>NOTE(review): the only access rule requires the USER role for
 * {@code FindController.APP_PATH + "**"}. It can only take effect for requests that also
 * match the chain's regex, and every other request in the chain has no access rule -
 * confirm {@code APP_PATH} lies under one of the listed patterns and that the remaining
 * paths are meant to be reachable without a role.
 *
 * @param http the security builder to configure
 * @throws Exception if one of the HttpSecurity configurers cannot be set up
 */
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    final AuthenticationEntryPoint entryPoint = new SsoAuthenticationEntryPoint(SsoController.SSO_PAGE);

    // The SSO filter delegates credential checks to this configuration's authentication manager.
    final SsoAuthenticationFilter ssoFilter =
            new SsoAuthenticationFilter(SsoController.SSO_AUTHENTICATION_URI);
    ssoFilter.setAuthenticationManager(authenticationManager());

    final LogoutSuccessHandler onLogout =
            new HodTokenLogoutSuccessHandler(SsoController.SSO_LOGOUT_PAGE, tokenRepository);

    // NOTE(review): the regex matcher is compared against the full path including any query
    // string, so the exact alternatives (/sso, /authenticate-sso, /logout) select only
    // requests without a query string - confirm that is intended.
    http.regexMatcher("/public/.*|/sso|/authenticate-sso|/api/authentication/.*|/logout");

    // NOTE(review): CSRF protection is disabled for the whole chain, including the
    // authentication and logout endpoints - confirm this is compensated for elsewhere.
    http.csrf().disable();

    http.exceptionHandling()
            .authenticationEntryPoint(entryPoint)
            .accessDeniedPage(DispatcherServletConfiguration.AUTHENTICATION_ERROR_PATH);

    http.authorizeRequests()
            .antMatchers(FindController.APP_PATH + "**").hasRole(FindRole.USER.name());

    http.logout().logoutSuccessHandler(onLogout);

    http.addFilterAfter(ssoFilter, AbstractPreAuthenticatedProcessingFilter.class);
}