List of usage examples for org.springframework.security.web.util.matcher AntPathRequestMatcher AntPathRequestMatcher
public AntPathRequestMatcher(String pattern, String httpMethod)
From source file:com.peertopark.spring.commons.CsrfRequestMatcher.java
public CsrfRequestMatcher(String pattern, String httpMethod) { this(new AntPathRequestMatcher(pattern, httpMethod)); }
From source file:eu.supersede.fe.security.CsrfRequestMatcher.java
public CsrfRequestMatcher(String[] permitUrls) { this.permitUrls = permitUrls; for (String m : allowedMethods) { matchers.add(new AntPathRequestMatcher("/**", m)); }/*w w w . ja v a 2 s .com*/ for (String u : this.permitUrls) { matchers.add(new AntPathRequestMatcher(u, null)); } }
From source file:com.hp.autonomy.hod.sso.SsoAuthenticationFilter.java
public SsoAuthenticationFilter(final String authenticationPath, final E entityType) { super(new AntPathRequestMatcher(authenticationPath, "POST")); this.entityType = entityType; }
From source file:eu.eidas.sp.CsrfSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { // Build the request matcher for CSFR protection RequestMatcher csrfRequestMatcher = new RequestMatcher() { // Disable CSFR protection on the following urls: private AntPathRequestMatcher[] requestMatchers = { new AntPathRequestMatcher("/respeidas", "POST"), new AntPathRequestMatcher("/mdeidas", "GET") }; @Override/*from www .ja v a2 s . c o m*/ public boolean matches(HttpServletRequest request) { // If the request match one url the CSFR protection will be disabled for (AntPathRequestMatcher rm : requestMatchers) { if (rm.matches(request)) { return false; } } return true; } // method matches }; // new RequestMatcher // Set security configurations http // Disable the csrf protection on some request matches .csrf().disable(); //.requireCsrfProtectionMatcher(csrfRequestMatcher).and(); }
From source file:org.statefulj.webapp.config.AppSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/css/**/*").permitAll().antMatchers("/").permitAll() .antMatchers("/registration").permitAll().antMatchers("/user/register").permitAll().anyRequest() .authenticated().and().formLogin().defaultSuccessUrl("/user").loginPage("/login").permitAll().and() .logout().logoutUrl("/logout").logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET")) .logoutSuccessUrl("/"); }
From source file:org.statefulj.demo.ddd.config.AppSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/css/**/*").permitAll().antMatchers("/").permitAll() .antMatchers("/registration").permitAll().antMatchers("/customer/register").permitAll().anyRequest() .authenticated().and().formLogin().defaultSuccessUrl("/customer").loginPage("/login").permitAll() .and().logout().logoutUrl("/logout") .logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET")).logoutSuccessUrl("/"); }
From source file:org.moserp.common.security.TestSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { NegatedRequestMatcher matcher = new NegatedRequestMatcher(new AntPathRequestMatcher("/login", "POST")); http.csrf().disable().authorizeRequests().requestMatchers(matcher).authenticated().and().httpBasic(); }
From source file:com.peertopark.spring.commons.CsrfRequestMatcher.java
public CsrfRequestMatcher andMatch(String pattern, String httpMethod) { RequestMatcher requestMatcher = new AntPathRequestMatcher(pattern, httpMethod); return addRequestMatcher(requestMatcher); }
From source file:com.jeanchampemont.notedown.config.WebSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/app/**").authenticated().and().formLogin().loginPage("/login") .failureUrl("/login?error").usernameParameter("email").passwordParameter("password") .defaultSuccessUrl("/app").and().logout() .logoutRequestMatcher(new AntPathRequestMatcher("/logout", "GET")).logoutSuccessUrl("/login?logout") .and().rememberMe().tokenRepository(persistentTokenRepository()) .tokenValiditySeconds(tokenValiditySeconds).and().csrf(); }