List of usage examples for org.springframework.security.web.util.matcher AntPathRequestMatcher AntPathRequestMatcher
public AntPathRequestMatcher(String pattern, String httpMethod)
From source file:de.knightsoftnet.validationexample.server.spring.WebSecurityConfig.java
/** * configure security settings./* w w w . j av a 2s . c om*/ * * @param phttp http security */ @Override protected void configure(final HttpSecurity phttp) throws Exception { // NOPMD // csrf/xsrf protection phttp.csrf().csrfTokenRepository(this.csrfTokenRepository()) // .and().addFilterAfter(this.csrfHeaderFilter(), CsrfFilter.class) // .authorizeRequests() // // services without authentication .antMatchers(AppResourcePaths.PHONE_NUMBER, // AppResourcePaths.POSTAL_ADDRESS, // AppResourcePaths.SEPA, // PhoneNumber.ROOT + "/**") // .permitAll() // // all other requests need authentication .anyRequest().authenticated() // // handle not allowed access, delegate to authentication entry poing .and() // .exceptionHandling() // .authenticationEntryPoint(this.authenticationEntryPoint) // // login form handling .and() // .formLogin() // .permitAll().loginProcessingUrl(LOGIN_PATH) // .usernameParameter(Parameters.USERNAME) // .passwordParameter(Parameters.PASSWORD) // .successHandler(this.authSuccessHandler) // .failureHandler(this.authFailureHandler) // .and().logout().permitAll() // .logoutRequestMatcher(new AntPathRequestMatcher(LOGIN_PATH, "DELETE")) // .logoutSuccessHandler(this.logoutSuccessHandler) // .and() // .sessionManagement().maximumSessions(1); }
From source file:ews.client.security.upd.UsernamePasswordDomainLoginConfigurer.java
@Override protected RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl) { return new AntPathRequestMatcher(loginProcessingUrl, "POST"); }