本文整理汇总了Java中org.springframework.security.web.access.channel.ChannelProcessingFilter类的典型用法代码示例。如果您正苦于以下问题:Java ChannelProcessingFilter类的具体用法?Java ChannelProcessingFilter怎么用?Java ChannelProcessingFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
ChannelProcessingFilter类属于org.springframework.security.web.access.channel包,在下文中一共展示了ChannelProcessingFilter类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.requiresChannel()
.anyRequest().requiresSecure();
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.csrf()
.disable();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.authorizeRequests()
.antMatchers("/saml/**").permitAll()
.antMatchers("/health").permitAll()
.antMatchers("/error").permitAll()
.anyRequest().authenticated();
}
示例2: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.exceptionHandling()
.authenticationEntryPoint(http401UnauthorizedEntryPoint)
.and()
.authorizeRequests()
.antMatchers("/login/**").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(crossOriginResourceSharingFilter, ChannelProcessingFilter.class)
.addFilterBefore(statelessAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
}
示例3: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
public void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "**").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic()
.disable()
.csrf()
.disable()
.addFilterBefore(corsFilter(), ChannelProcessingFilter.class);
}
示例4: samlizedConfig
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
/**
* Fluent API that pre-configures HttpSecurity with SAML specific configuration.
*
* @param http HttpSecurity instance
* @return Same HttpSecurity instance
* @throws Exception Exception
*/
// CSRF must be disabled when processing /saml/** to prevent "Expected CSRF token not found" exception.
// See: http://stackoverflow.com/questions/26508835/spring-saml-extension-and-spring-security-csrf-protection-conflict/26560447
protected final HttpSecurity samlizedConfig(final HttpSecurity http) throws Exception {
http.httpBasic().authenticationEntryPoint(samlEntryPoint())
.and()
.csrf().ignoringAntMatchers("/saml/**")
.and()
.authorizeRequests().antMatchers("/saml/**").permitAll()
.and()
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(filterChainProxy(), BasicAuthenticationFilter.class);
// store CSRF token in cookie
if (samlConfigBean().getStoreCsrfTokenInCookie()) {
http.csrf()
.csrfTokenRepository(csrfTokenRepository())
.and()
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class);
}
return http;
}
开发者ID:choonchernlim,项目名称:spring-security-adfs-saml2,代码行数:30,代码来源:SAMLWebSecurityConfigurerAdapter.java
示例5: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception
{
super.configure(http);
http
.addFilterBefore(new SimpleCorsFilter(), ChannelProcessingFilter.class)
.csrf().disable()
.requestMatchers()
.antMatchers("/oidc/**","/sso/**") // "/sso/**" matches the urls used by the keycloak adapter
.and()
.authorizeRequests()
.expressionHandler(webExpressionHandler())
// Some general filters for access, more specific ones are set at each method
.antMatchers(HttpMethod.POST, "/oidc/api/report-bug").permitAll()
.antMatchers(HttpMethod.POST, "/oidc/api/org/apply").permitAll()
.antMatchers(HttpMethod.GET, "/oidc/api/certificates/crl/*").permitAll()
.antMatchers(HttpMethod.GET, "/oidc/api/certificates/ocsp/**").permitAll()
.antMatchers(HttpMethod.POST, "/oidc/api/certificates/ocsp/*").permitAll()
.antMatchers(HttpMethod.POST, "/oidc/api/**").authenticated()
.antMatchers(HttpMethod.PUT, "/oidc/api/**").authenticated()
.antMatchers(HttpMethod.DELETE, "/oidc/api/**").authenticated()
.antMatchers(HttpMethod.GET, "/oidc/api/**").authenticated()
;
}
示例6: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.csrf()
.disable();
http
.authorizeRequests()
.antMatchers("/", "/saml/**").permitAll()
.anyRequest().authenticated();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.logout()
.logoutSuccessUrl("/");
}
示例7: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// // http://stackoverflow.com/questions/31724994/spring-data-rest-and-cors
http
.addFilterBefore(newCorsFilter(), ChannelProcessingFilter.class)
.httpBasic()
.and()
.authorizeRequests()
// .antMatchers("/index.html", "/home.html", "/login.html", "/", "turbine/**", "/user").permitAll()
/*
* when running a local spring simple stomp broker, this is needed because
* the credentials do not work when given to AngularStompDK in atacama
* so we are forced to unsecure the simple stomp broker for now...
*/
.antMatchers("/ticks/**").permitAll()
.anyRequest()
.hasAnyRole("USER")
// .authenticated()
.and()
.csrf().csrfTokenRepository(newCsrfTokenRepository())
.and()
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class);
}
示例8: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
public void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.authorizeRequests()
.antMatchers("/login").permitAll()
.and()
.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.failureUrl("/login?error")
.usernameParameter("email")
.passwordParameter("password")
.and()
.logout()
.logoutUrl("/j_spring_security_logout")
.logoutSuccessUrl("/login?logout")
.and()
.csrf()
.and()
.exceptionHandling()
.accessDeniedPage("/403")
.and()
.addFilterBefore(new CORSFilter(), ChannelProcessingFilter.class);
}
示例9: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
/**
* Defines the web based security configuration.
*
* @param http
* It allows configuring web based security for specific http requests.
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().authenticationEntryPoint(samlEntryPoint());
http.csrf().disable();
http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http.authorizeRequests()
.antMatchers(PW_LOGIN_PAGE_PATH).denyAll() // don't offer local login form in SAML SSO scenario
.antMatchers(START_PAGE_PATH).permitAll() //
.antMatchers(ERROR_PAGE_PATH).permitAll() //
.antMatchers("/saml/**").permitAll() //
.antMatchers(AUTHENTICATED_PAGE_PATH).authenticated() //
.antMatchers(ANONYMOUS_PAGE_PATH).anonymous() //
.antMatchers(USER_ROLE_PAGE_PATH).hasAuthority(RoleId.USER_ROLE_ID.getId()) //
.antMatchers(ADMIN_ROLE_PAGE_PATH).hasAuthority(RoleId.ADMIN_ROLE_ID.getId()) //
.anyRequest().authenticated();
http.logout().logoutSuccessUrl("/");
}
示例10: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.anonymous()
.disable();
http
.csrf()
.disable();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http.regexMatcher("^((?!" + Urls.IFRAME_FI_BASE + "|" + Urls.IFRAME_SV_BASE + ").)*$").headers().frameOptions().sameOrigin();
}
示例11: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
/**
* Defines the web based security configuration.
*
* @param http It allows configuring web based security for specific http requests.
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.csrf()
.disable();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/error").permitAll()
.antMatchers("/saml/**").permitAll()
.anyRequest().authenticated();
http
.logout()
.logoutSuccessUrl("/");
}
示例12: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
public void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.authorizeRequests()
.antMatchers("/api/*").fullyAuthenticated()
.and()
.addFilterBefore(new CorsConfiguration(), ChannelProcessingFilter.class);
}
示例13: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.addFilterBefore(simpleCORSFilter(), ChannelProcessingFilter.class);
http.cors().and()
.authorizeRequests()
.antMatchers("/api/v1/register/**").permitAll()
.antMatchers("/api/v1/reset/**").permitAll()
.antMatchers("/api/v1/**").authenticated()
.anyRequest().permitAll()
.and()
.formLogin()
.loginPage("/userloginpage").passwordParameter("password").usernameParameter("username")
.successHandler(authHandler.successHandler())
.failureHandler(authHandler.failureHandler())
.permitAll()
.and()
.exceptionHandling()
.accessDeniedHandler(authHandler.accessDeniedHandler())
.authenticationEntryPoint(authHandler.authenticationEntryPoint())
.and()
.logout().logoutUrl("/userlogoutpage")
.logoutSuccessHandler(authHandler.logoutSuccessHandler())
.permitAll();
}
示例14: configure
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/error").permitAll()
.antMatchers("/saml/**").permitAll()
.antMatchers("/css/**").permitAll()
.anyRequest().authenticated();
http
.exceptionHandling().accessDeniedHandler(new AccessDeniedHandlerImpl())
.authenticationEntryPoint(getAuthEntryPoint())
.and()
.formLogin()
.loginProcessingUrl("/authenticate")
.usernameParameter("username")
.passwordParameter("password")
.successHandler(new FormAuthSuccessHandler())
.failureHandler(new SimpleUrlAuthenticationFailureHandler())
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.permitAll();
}
示例15: init
import org.springframework.security.web.access.channel.ChannelProcessingFilter; //导入依赖的package包/类
@Override
public void init(HttpSecurity http) {
metadataProvider = identityProvider.metadataProvider();
ExtendedMetadata extendedMetadata = extendedMetadata(identityProvider.discoveryEnabled);
extendedMetadataDelegate = extendedMetadataDelegate(extendedMetadata);
serviceProvider.keyManager = serviceProvider.keyManager();
cachingMetadataManager = cachingMetadataManager();
webSSOProfile = new WebSSOProfileImpl(samlProcessor, cachingMetadataManager);
samlAuthenticationProvider = samlAuthenticationProvider(webSSOProfileConsumer);
bootstrap();
SAMLContextProvider contextProvider = contextProvider();
SAMLEntryPoint samlEntryPoint = samlEntryPoint(contextProvider);
try {
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint);
CsrfConfigurer<HttpSecurity> csrfConfigurer = http.getConfigurer(CsrfConfigurer.class);
if(csrfConfigurer != null) {
// Workaround to get working with Spring Security 3.2.
RequestMatcher ignored = new AntPathRequestMatcher("/saml/SSO");
RequestMatcher notIgnored = new NegatedRequestMatcher(ignored);
RequestMatcher matcher = new AndRequestMatcher(new DefaultRequiresCsrfMatcher(), notIgnored);
csrfConfigurer.requireCsrfProtectionMatcher(matcher);
}
} catch (Exception e) {
e.printStackTrace();
}
http
.addFilterBefore(metadataGeneratorFilter(samlEntryPoint, extendedMetadata), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(samlEntryPoint, contextProvider), BasicAuthenticationFilter.class)
.authenticationProvider(samlAuthenticationProvider);
}