Example usage for org.springframework.security.web.util.matcher AntPathRequestMatcher AntPathRequestMatcher

Introduction

In this page you can find the example usage for org.springframework.security.web.util.matcher AntPathRequestMatcher AntPathRequestMatcher.

Prototype

public AntPathRequestMatcher(String pattern) 

Source Link

Document

Creates a matcher with the specific pattern which will match all HTTP methods in a case insensitive manner.

Usage

From source file:com.erudika.para.security.IgnoredRequestMatcher.java

private IgnoredRequestMatcher() {
    ConfigList c = Config.getConfig().getList("security.ignored");
    List<RequestMatcher> list = new ArrayList<RequestMatcher>(c.size());
    for (ConfigValue configValue : c) {
        list.add(new AntPathRequestMatcher((String) configValue.unwrapped()));
    }// w  w  w  .  jav a2s. c om
    orMatcher = new OrRequestMatcher(list);
}

---

From source file:se.omegapoint.facepalm.client.config.SecurityConfig.java

@Override
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
protected void configure(final HttpSecurity httpSecurity) throws Exception {
    httpSecurity.authorizeRequests().antMatchers("/fonts/**").permitAll().antMatchers("/register").permitAll()
            .anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll().and().exceptionHandling()
            .accessDeniedPage("/access?error").and().headers().xssProtection().block(false)
            .xssProtectionEnabled(false).and() // Default setting for Spring Boot to activate XSS Protection (dont fix!)
            .and().csrf().disable(); // FIXME [dh] Enabling CSRF prevents file upload, must be fixed
}

---

From source file:com.create.application.configuration.security.ResourceServerConfiguration.java

@Override
public void configure(HttpSecurity http) throws Exception {
    http.exceptionHandling().authenticationEntryPoint(accessForbiddenEntryPoint).and().logout()
            .logoutUrl("/oauth/logout").logoutSuccessHandler(logoutSuccessHandler).and().csrf()
            .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize")).disable().headers()
            .frameOptions().disable().and().sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().anyRequest()
            .authenticated();/*  ww  w.  j  ava 2 s .c  o m*/
}

---

From source file:org.vaadin.spring.samples.mvp.security.config.HttpSecurityConfigurer.java

void configure(Environment env, ApplicationContext context, HttpSecurity http) throws Exception {
    // all requests are authenticated
    http.authorizeRequests().antMatchers("/VAADIN/**", "/PUSH/**", "/UIDL/**", "/login", "/login/**")
            .permitAll().antMatchers("/**").fullyAuthenticated().and()
            // Vaadin chokes if this filter is enabled, disable it!
            .csrf().disable();//from w  w w. j a  v  a2s .c o  m

    // have UI peacefully coexist with Apache CXF web-services
    String id = env.getProperty("app.security.scheme", Scheme.BASIC.id());
    Scheme scheme = Scheme.fromValue(id);
    switch (scheme) {
    case FORM:
        http.formLogin().failureUrl("/login?error").defaultSuccessUrl("/ui").permitAll().and().logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login")
                .permitAll();
        break;
    case BASIC:
        http.httpBasic();
        break;
    case DIGEST:
        // @see http://java.dzone.com/articles/basic-and-digest
        http.httpBasic();
        http.addFilterAfter(context.getBean(DigestAuthenticationFilter.class), BasicAuthenticationFilter.class);
        break;
    }

    // TODO plumb custom HTTP 403 and 404 pages
    /* http.exceptionHandling().accessDeniedPage("/access?error"); */
}

---

From source file:com.github.djabry.platform.rest.config.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().anyRequest().permitAll().and().csrf().disable().exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
            //.formLogin().defaultSuccessUrl("/").permitAll()
            .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/")
            .permitAll();/*  w  ww. java  2  s  . c  o m*/
}

---

From source file:br.com.gerenciapessoal.security.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    JsfLoginUrlAuthenticationEntryPoint jsfLoginEntry = new JsfLoginUrlAuthenticationEntryPoint();
    jsfLoginEntry.setLoginFormUrl("/Login.xhtml");
    jsfLoginEntry.setRedirectStrategy(new JsfRedirectStrategy());

    JsfAccessDeniedHandler jsfDeniedHandler = new JsfAccessDeniedHandler();
    jsfDeniedHandler.setLoginPath("/AcessoNegado.xhtml");
    jsfDeniedHandler.setContextRelative(true);

    http.csrf().disable().headers().frameOptions().sameOrigin().and()

            .authorizeRequests().antMatchers("/Login.xhtml", "/Erro.xhtml", "/javax.faces.resource/**")
            .permitAll().antMatchers("/Home.xhtml", "/AcessoNegado.xhtml", "/usuarios/CadastroUsuario.xhtml")
            .authenticated().antMatchers("/usuarios/PesquisaUsuario.xhtml", "/banco/CadastroBanco.xhtml")
            .hasRole("ADMINISTRADORES").antMatchers("/lancamentos/**", "/conta/**", "banco/PesquisaBanco.xhtml")
            .hasAnyRole("COMUN", "ADMINISTRADORES").anyRequest().denyAll().and()

            .formLogin().loginPage("/Login.xhtml").failureUrl("/Login.xhtml?invalid=true").and()

            .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).and()

            .exceptionHandling().accessDeniedPage("/AcessoNegado.xhtml").authenticationEntryPoint(jsfLoginEntry)
            .accessDeniedHandler(jsfDeniedHandler);
}

---

From source file:cn.net.withub.demo.bootsec.hello.security.CustomFilterInvocationSecurityMetadataSource.java

@Override
public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
    FilterInvocation fi = (FilterInvocation) object;

    HttpServletRequest request = fi.getRequest();

    System.out.println("requestUrl is " + fi.getRequestUrl());

    if (resourceMap == null || databaseChanged) {
        loadResourceMatchAuthority();//  w  w w . j  av  a 2  s.c  om
    }

    Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
    for (String urlPattern : resourceMap.keySet()) {
        //?
        AntPathRequestMatcher matcher = new AntPathRequestMatcher(urlPattern);
        if (matcher.matches(request)) {
            System.out.println("matched resource url patterns: " + urlPattern);
            attrs.addAll(resourceMap.get(urlPattern));
        }
    }

    return attrs;
}

---

From source file:com.github.djabry.platform.vaadin.config.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()/*from ww w.j  a  v a2 s.  c  om*/
            //.antMatchers("/VAADIN/**", "/PUSH/**", "/UIDL/**", "/login", "/login/**", "/register", "/environment").permitAll()
            //.antMatchers("/**").fullyAuthenticated()
            .anyRequest().permitAll().and().csrf().disable().exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
            //.formLogin().defaultSuccessUrl("/").permitAll()
            .and()

            .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/")
            .permitAll();
}

---

From source file:com.mobogenie.framework.spring.CookieLocaleFilter.java

@Value("#{application['security.locale_change_url']}")
public void setLocaleChangeUrl(String localeChangeUrl) {
    this.localeChangeUrl = Preconditions.checkNotNull(localeChangeUrl);
    localeChangeRequestMatcher = new AntPathRequestMatcher(localeChangeUrl);
}

---

• «
• 1
• 2
• 3
• 4
• 5
• »