List of usage examples for org.springframework.security.web.util.matcher AntPathRequestMatcher matches
@Override public boolean matches(HttpServletRequest request)
From source file:com.gisnet.cancelacion.config.CsrfUrlMatcher.java
@Override public boolean matches(HttpServletRequest request) { if (allowedMethods.matcher(request.getMethod()).matches()) { return false; }//from w w w . j a v a 2 s. c o m for (AntPathRequestMatcher ant : requestMatchers) { if (ant.matches(request)) { return false; } } return true; }
From source file:eu.eidas.sp.CsrfSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { // Build the request matcher for CSFR protection RequestMatcher csrfRequestMatcher = new RequestMatcher() { // Disable CSFR protection on the following urls: private AntPathRequestMatcher[] requestMatchers = { new AntPathRequestMatcher("/respeidas", "POST"), new AntPathRequestMatcher("/mdeidas", "GET") }; @Override/*from www .j a v a2s.c o m*/ public boolean matches(HttpServletRequest request) { // If the request match one url the CSFR protection will be disabled for (AntPathRequestMatcher rm : requestMatchers) { if (rm.matches(request)) { return false; } } return true; } // method matches }; // new RequestMatcher // Set security configurations http // Disable the csrf protection on some request matches .csrf().disable(); //.requireCsrfProtectionMatcher(csrfRequestMatcher).and(); }
From source file:cn.net.withub.demo.bootsec.hello.security.CustomFilterInvocationSecurityMetadataSource.java
@Override public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { FilterInvocation fi = (FilterInvocation) object; HttpServletRequest request = fi.getRequest(); System.out.println("requestUrl is " + fi.getRequestUrl()); if (resourceMap == null || databaseChanged) { loadResourceMatchAuthority();/*from www. j a va 2 s.co m*/ } Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>(); for (String urlPattern : resourceMap.keySet()) { //? AntPathRequestMatcher matcher = new AntPathRequestMatcher(urlPattern); if (matcher.matches(request)) { System.out.println("matched resource url patterns: " + urlPattern); attrs.addAll(resourceMap.get(urlPattern)); } } return attrs; }