List of usage examples for org.springframework.security.web.util.matcher MediaTypeRequestMatcher MediaTypeRequestMatcher
public MediaTypeRequestMatcher(ContentNegotiationStrategy contentNegotiationStrategy,
Collection<MediaType> matchingMediaTypes)
From source file:sample.session.SmartHttpSessionStrategy.java
@Autowired public SmartHttpSessionStrategy(ContentNegotiationStrategy contentNegotiationStrategy) { this(new CookieHttpSessionStrategy(), new HeaderHttpSessionStrategy()); MediaTypeRequestMatcher matcher = new MediaTypeRequestMatcher(contentNegotiationStrategy, Arrays.asList(MediaType.TEXT_HTML)); matcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL)); RequestHeaderRequestMatcher javascript = new RequestHeaderRequestMatcher("X-Requested-With"); this.browserMatcher = new OrRequestMatcher(Arrays.asList(matcher, javascript)); }
From source file:org.springframework.cloud.dataflow.server.config.security.OAuthSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher( new BrowserDetectingContentNegotiationStrategy(), MediaType.TEXT_HTML); final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint(); basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm()); basicAuthenticationEntryPoint.afterPropertiesSet(); final Filter oauthFilter = oauthFilter(); BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(providerManager(), basicAuthenticationEntryPoint); http.addFilterAfter(oauthFilter, basicAuthenticationFilter.getClass()); http.addFilterBefore(basicAuthenticationFilter, oauthFilter.getClass()); http.addFilterBefore(oAuth2AuthenticationProcessingFilter(), basicAuthenticationFilter.getClass()); http.authorizeRequests()//from ww w .ja va 2s . c om .antMatchers("/security/info**", "/login**", dashboard("/logout-success-oauth.html"), dashboard("/styles/**"), dashboard("/images/**"), dashboard("/fonts/**"), dashboard("/lib/**")) .permitAll().anyRequest().authenticated().and().httpBasic().and().logout() .logoutSuccessUrl(dashboard("/logout-success-oauth.html")).and().csrf().disable() .exceptionHandling() .defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint("/login"), textHtmlMatcher) .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, AnyRequestMatcher.INSTANCE); securityStateBean.setAuthenticationEnabled(true); securityStateBean.setAuthorizationEnabled(false); }