Example usage for org.springframework.security.web.util.matcher AntPathRequestMatcher matches

List of usage examples for org.springframework.security.web.util.matcher AntPathRequestMatcher matches

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.web.util.matcher.*
  5. AntPathRequestMatcher
  6. matches

Introduction

In this page you can find the example usage for org.springframework.security.web.util.matcher AntPathRequestMatcher matches.

Prototype

@Override
public boolean matches(HttpServletRequest request)

Source Link

Document

Returns true if the configured pattern (and HTTP-Method) match those of the supplied request.

Usage

From source file:com.gisnet.cancelacion.config.CsrfUrlMatcher.java

@Override
public boolean matches(HttpServletRequest request) {
    if (allowedMethods.matcher(request.getMethod()).matches()) {
        return false;
    }//from w  w w .  j a v a 2  s. c o  m
    for (AntPathRequestMatcher ant : requestMatchers) {
        if (ant.matches(request)) {
            return false;
        }
    }

    return true;
}

From source file:eu.eidas.sp.CsrfSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    // Build the request matcher for CSFR protection
    RequestMatcher csrfRequestMatcher = new RequestMatcher() {

        // Disable CSFR protection on the following urls:
        private AntPathRequestMatcher[] requestMatchers = { new AntPathRequestMatcher("/respeidas", "POST"),
                new AntPathRequestMatcher("/mdeidas", "GET") };

        @Override/*from   www  .j a  v a2s.c  o  m*/
        public boolean matches(HttpServletRequest request) {
            // If the request match one url the CSFR protection will be disabled
            for (AntPathRequestMatcher rm : requestMatchers) {
                if (rm.matches(request)) {
                    return false;
                }
            }
            return true;
        } // method matches

    }; // new RequestMatcher

    // Set security configurations
    http
            // Disable the csrf protection on some request matches
            .csrf().disable();
    //.requireCsrfProtectionMatcher(csrfRequestMatcher).and();
}

From source file:cn.net.withub.demo.bootsec.hello.security.CustomFilterInvocationSecurityMetadataSource.java

@Override
public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
    FilterInvocation fi = (FilterInvocation) object;

    HttpServletRequest request = fi.getRequest();

    System.out.println("requestUrl is " + fi.getRequestUrl());

    if (resourceMap == null || databaseChanged) {
        loadResourceMatchAuthority();/*from   www. j  a va 2  s.co m*/
    }

    Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
    for (String urlPattern : resourceMap.keySet()) {
        //?
        AntPathRequestMatcher matcher = new AntPathRequestMatcher(urlPattern);
        if (matcher.matches(request)) {
            System.out.println("matched resource url patterns: " + urlPattern);
            attrs.addAll(resourceMap.get(urlPattern));
        }
    }

    return attrs;
}