List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity requestMatcher
RequestMatcher requestMatcher
To view the source code for org.springframework.security.config.annotation.web.builders HttpSecurity requestMatcher.
Click Source Link
From source file:com.companyname.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.requestMatcher(requestMatcher()) .addFilterAfter(oauth2Filter(), UsernamePasswordAuthenticationFilter.class).authorizeRequests() .anyRequest().hasRole("SUPERVISOR").and().exceptionHandling().accessDeniedPage("/403").and() .formLogin().loginPage("/loginRedirect").permitAll().and().logout() .addLogoutHandler(onLogoutHandler) //.invalidateHttpSession(true) //.deleteCookies("JSESSIONID") .permitAll().and().csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/logout")) .disable();//from w w w .j ava2 s . c o m }
From source file:com.orange.clara.tool.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.requestMatcher(new RequestMatcher() { @Override/*w w w . jav a2 s . c o m*/ public boolean matches(HttpServletRequest httpServletRequest) { return httpServletRequest.getHeader("Authorization") == null; } }).authorizeRequests().antMatchers("/api/admin/**").hasRole(UserRole.ADMIN) .antMatchers("/info/**", "/ws/**").permitAll().anyRequest().authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); if (useSsl) { http.requiresChannel().anyRequest().requiresSecure(); } }
From source file:com.companyname.PlatWebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { logger.info("Platform: Oauth module security configuration loaded."); http.requestMatcher(requestMatcher()).authorizeRequests().anyRequest().denyAll(); }
From source file:com.companyname.JdbcBasedSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { logger.info("Security module: Jdbc based HTTP configuration stack loaded."); http //.addFilterBefore(cacheAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class) .requestMatcher(requestMatcher()).formLogin().successHandler(onLoginHandler).loginPage("/login") .permitAll().and().logout().addLogoutHandler(onLogoutHandler).invalidateHttpSession(true) .deleteCookies().permitAll().and().authorizeRequests().anyRequest().authenticated().and().csrf() .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize")).disable(); }