当前位置: 首页>>代码示例>>Java>>正文

Java SessionCreationPolicy类代码示例

本文整理汇总了Java中org.springframework.security.config.http.SessionCreationPolicy的典型用法代码示例。如果您正苦于以下问题:Java SessionCreationPolicy类的具体用法?Java SessionCreationPolicy怎么用?Java SessionCreationPolicy使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


SessionCreationPolicy类属于org.springframework.security.config.http包,在下文中一共展示了SessionCreationPolicy类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {

  // Disable CSRF (cross site request forgery)
  http.csrf().disable();

  // No session will be created or used by spring security
  http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

  // Entry points
  http.authorizeRequests()//
      .antMatchers("/users/signin").permitAll()//
      .antMatchers("/users/signup").permitAll()//
      // Disallow everything else..
      .anyRequest().authenticated();

  // If a user try to access a resource without having enough permissions
  http.exceptionHandling().accessDeniedPage("/login");

  // Apply JWT
  http.apply(new JwtTokenFilterConfigurer(jwtTokenProvider));

  // Optional, if you want to test the API from a browser
  // http.httpBasic();
}
开发者ID:murraco,项目名称:spring-boot-jwt,代码行数:26,代码来源:WebSecurityConfig.java

示例2: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
public void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/profile-info").permitAll()
        .antMatchers("/api/xm-entities/registration").permitAll()
        .antMatchers("/api/xm-entities/registration/activate/*").permitAll()
        .antMatchers("/api/xm-functions/call/ACCOUNT.VERIFY-CONTACT-DATA").permitAll()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll();
}
开发者ID:xm-online,项目名称:xm-ms-entity,代码行数:23,代码来源:MicroserviceSecurityConfiguration.java

示例3: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll()
    .and()
        .apply(securityConfigurerAdapter());
}
开发者ID:oktadeveloper,项目名称:jhipster-microservices-example,代码行数:21,代码来源:MicroserviceSecurityConfiguration.java

示例4: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
      .authorizeRequests()
      .antMatchers("/react/login**", "/react/after**").permitAll()
      .anyRequest().authenticated()
      .and()
      .formLogin()
      .loginPage("/react/login.html")
      .defaultSuccessUrl("/react/menu.html")
      .failureUrl("/react/login.html?error=true")
      .and().logout().logoutUrl("/react/logout.html")
      .logoutSuccessUrl("/react/after_logout.html")
      .and().sessionManagement()
      .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
      
     http.csrf().disable();    
}
开发者ID:PacktPublishing,项目名称:Spring-5.0-Cookbook,代码行数:19,代码来源:AppSecurityConfig.java

示例5: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/auth/login").permitAll()
            .antMatchers("/image/**").permitAll()
            .antMatchers(HttpMethod.GET, "/store/**").permitAll()
            .antMatchers(HttpMethod.POST, "/user/").permitAll()
            .antMatchers(HttpMethod.POST, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.PUT, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.DELETE, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.POST, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.PUT, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.DELETE, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.POST, "/store/").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .antMatchers(HttpMethod.PUT, "/store/").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .antMatchers(HttpMethod.DELETE, "/store/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .anyRequest().authenticated()
            .and()
            .addFilterBefore(filter(), UsernamePasswordAuthenticationFilter.class)
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .csrf().disable();
}
开发者ID:akraskovski,项目名称:product-management-system,代码行数:24,代码来源:SecurityConfig.java

示例6: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
public void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/profile-info").permitAll()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll();
}
开发者ID:xm-online,项目名称:xm-ms-balance,代码行数:20,代码来源:MicroserviceSecurityConfiguration.java

示例7: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
	http
		.csrf()
		.disable()
		.authorizeRequests()
			.antMatchers("/home/**").permitAll()
	.and()
		.authorizeRequests()
			.antMatchers(HttpMethod.GET, "/app/**").permitAll()
			.antMatchers(HttpMethod.POST, "/app/**").hasRole("SEAT")

	.and()
		.httpBasic()
		.realmName(REALM)
		.authenticationEntryPoint(getBasicAuthEntryPoint())
	.and()
		.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
开发者ID:edylle,项目名称:hockey-game,代码行数:20,代码来源:SecurityConfiguration.java

示例8: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {	
	http.httpBasic();
	http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
	http.authorizeRequests().anyRequest().permitAll().anyRequest().anonymous();
	http.antMatcher("/**/orderbook").authorizeRequests().anyRequest().authenticated(); 
	http.csrf().disable();
}
开发者ID:Angular2Guy,项目名称:AngularAndSpring,代码行数:9,代码来源:WebSecurityConfig.java

示例9: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {

    http = http.addFilter(new WebAsyncManagerIntegrationFilter());
    http = http.addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class);

    http
            .antMatcher("/ext/**")
            .csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and()
            .headers().frameOptions().sameOrigin().and()
            .authorizeRequests()
            .antMatchers("/ext/stream/**", "/ext/coverArt*", "/ext/share/**", "/ext/hls/**")
            .hasAnyRole("TEMP", "USER").and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
            .exceptionHandling().and()
            .securityContext().and()
            .requestCache().and()
            .anonymous().and()
            .servletApi();
}
开发者ID:airsonic,项目名称:airsonic,代码行数:21,代码来源:GlobalSecurityConfig.java

示例10: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
protected void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .addFilter(requestHeaderAuthenticationFilter())
        .addFilter(new AnonymousAuthenticationFilter("anonymous"))
        .authorizeRequests()
        .antMatchers(HttpMethod.OPTIONS).permitAll()
        .antMatchers("/api/v1/swagger.*").permitAll()
        .antMatchers("/api/v1/index.html").permitAll()
        .antMatchers("/api/v1/version").permitAll()
        .antMatchers(HttpMethod.GET, "/api/v1/credentials/callback").permitAll()
        .antMatchers("/api/v1/**").hasRole("AUTHENTICATED")
        .anyRequest().permitAll();

    http.csrf().disable();
}
开发者ID:syndesisio,项目名称:syndesis,代码行数:19,代码来源:SecurityConfiguration.java

示例11: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            .authorizeRequests()
            // All urls must be authenticated (filter for token always fires (/**)
            .antMatchers(HttpMethod.OPTIONS, "/login").permitAll()
            .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
            .anyRequest().authenticated()
            .and()
            // Call our errorHandler if authentication/authorisation fails
            .exceptionHandling()
            .authenticationEntryPoint((httpServletRequest, httpServletResponse, e) -> httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"))
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            // 添加一个过滤器 所有访问 /login 的请求交给 JWTLoginFilter 来处理 这个类处理所有的JWT相关内容
            .and().addFilterBefore(new JwtAuthenticationTokenFilter("/login", authenticationManager()),
                    UsernamePasswordAuthenticationFilter.class)
            // 添加一个过滤器验证其他请求的Token是否合法
            .addFilterBefore(new JWTAuthenticationFilter(),
                    UsernamePasswordAuthenticationFilter.class);
    // disable page caching
    httpSecurity.headers().cacheControl();
}
开发者ID:myliang,项目名称:fish-admin,代码行数:27,代码来源:WebSecurityConfig.java

示例12: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
	httpSecurity
		.csrf()
	    	.disable()
	    .exceptionHandling()
	        .authenticationEntryPoint(this.unauthorizedHandler)
	        .and()
	    .sessionManagement()
	    	.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
	        .and()
	    .authorizeRequests()
	        .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
	        .antMatchers("/auth/**").permitAll()
	        .antMatchers("/anonymous/**").permitAll()
	
	        .anyRequest().authenticated();
	
	    // Custom JWT based authentication
    httpSecurity
    	.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
开发者ID:Mediv85,项目名称:jwtExample,代码行数:23,代码来源:WebSecurityConfiguration.java

示例13: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable()
            .exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
            .and()
            .authorizeRequests()
            .antMatchers(HttpMethod.POST,"/**").authenticated()
            .antMatchers(HttpMethod.POST, "/login").permitAll()
            .and()
            .formLogin()
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .logout()
            .and()
            .addFilterBefore(new JwtLoginFilter(urlLogin, authenticationManager(), tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(new JwtAuthenticationFilter(tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .headers().cacheControl();
}
开发者ID:TraineeSIIp,项目名称:PepSIIrup-2017,代码行数:20,代码来源:WebSecurityConfig.java

示例14: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
    		.cors()
    		.and()
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            // All urls must be authenticated (filter for token always fires (/**)
            .authorizeRequests()
            	.antMatchers(HttpMethod.OPTIONS).permitAll()
            	.antMatchers("/auth/**").authenticated()
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); //.and()
    // Custom JWT based security filter
    httpSecurity
            .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
            

    // disable page caching
    // httpSecurity.headers().cacheControl();
}
开发者ID:awaters1,项目名称:spring-security-firebase,代码行数:23,代码来源:WebSecurityConfig.java

示例15: configure

import org.springframework.security.config.http.SessionCreationPolicy; //导入依赖的package包/类
@Override
  protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(tokenProcessingFilter(), BasicAuthenticationFilter.class).csrf().disable().httpBasic()
      	.and().authorizeRequests()
              .antMatchers("/login/**", "/profile/**").hasRole("USER")
              .and().authorizeRequests().anyRequest().permitAll()
             /* .and()
          .apply(new SpringSocialConfigurer() 
      ) */
              .and().authorizeRequests().antMatchers(
              		"/user/**",
              		"/users/**",
              		"/contacts**",
              		"/contacts/**",
              		"/contacts",
              		"/game/**",
              		"/games/**"
              		).hasRole("USER")
              .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
              ;
  }
开发者ID:eduyayo,项目名称:gamesboard,代码行数:22,代码来源:RestLoginSecurityContext.java


注:本文中的org.springframework.security.config.http.SessionCreationPolicy类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。