当前位置: 首页>>代码示例>>Java>>正文


Java UsernamePasswordAuthenticationFilter类代码示例

本文整理汇总了Java中org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter的典型用法代码示例。如果您正苦于以下问题:Java UsernamePasswordAuthenticationFilter类的具体用法?Java UsernamePasswordAuthenticationFilter怎么用?Java UsernamePasswordAuthenticationFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


UsernamePasswordAuthenticationFilter类属于org.springframework.security.web.authentication包,在下文中一共展示了UsernamePasswordAuthenticationFilter类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
	 
        http
          .anonymous().authorities("ROLE_ANONYMOUS")
          .and()
          .authorizeRequests()
          .antMatchers("/login**", "/after**").permitAll()
          .antMatchers("/deptanon.html").anonymous()
          .anyRequest().authenticated()       
          .and()
          .formLogin()
          .loginPage("/login.html")
          .defaultSuccessUrl("/deptform.html")
          .failureHandler(customFailureHandler)
          .successHandler(customSuccessHandler)
          .and()
          .addFilterBefore(appAnonAuthFilter(), UsernamePasswordAuthenticationFilter.class)
          .addFilter(appAuthenticationFilter(authenticationManager()))
          .logout().logoutUrl("/logout.html")
          .logoutSuccessHandler(customLogoutHandler)
          .and().exceptionHandling().authenticationEntryPoint(setAuthPoint());
        
        http.csrf().disable();
  }
 
开发者ID:PacktPublishing,项目名称:Spring-5.0-Cookbook,代码行数:26,代码来源:AppSecurityModelC.java

示例2: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {

    http
        .csrf()
            .disable()
        .exceptionHandling()
            .authenticationEntryPoint(authenticationEntryPoint)
        .and()
            .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
            .authorizeRequests()
                .antMatchers("/api/auth", "/api/users/me", "/api/greetings/public").permitAll()
                .anyRequest().authenticated()
        .and()
            .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:cassiomolin,项目名称:jersey-jwt-springsecurity,代码行数:19,代码来源:WebSecurityConfig.java

示例3: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {

    http = http.addFilter(new WebAsyncManagerIntegrationFilter());
    http = http.addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class);

    http
            .antMatcher("/ext/**")
            .csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and()
            .headers().frameOptions().sameOrigin().and()
            .authorizeRequests()
            .antMatchers("/ext/stream/**", "/ext/coverArt*", "/ext/share/**", "/ext/hls/**")
            .hasAnyRole("TEMP", "USER").and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
            .exceptionHandling().and()
            .securityContext().and()
            .requestCache().and()
            .anonymous().and()
            .servletApi();
}
 
开发者ID:airsonic,项目名称:airsonic,代码行数:21,代码来源:GlobalSecurityConfig.java

示例4: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            .authorizeRequests()
            // All urls must be authenticated (filter for token always fires (/**)
            .antMatchers(HttpMethod.OPTIONS, "/login").permitAll()
            .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
            .anyRequest().authenticated()
            .and()
            // Call our errorHandler if authentication/authorisation fails
            .exceptionHandling()
            .authenticationEntryPoint((httpServletRequest, httpServletResponse, e) -> httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"))
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            // 添加一个过滤器 所有访问 /login 的请求交给 JWTLoginFilter 来处理 这个类处理所有的JWT相关内容
            .and().addFilterBefore(new JwtAuthenticationTokenFilter("/login", authenticationManager()),
                    UsernamePasswordAuthenticationFilter.class)
            // 添加一个过滤器验证其他请求的Token是否合法
            .addFilterBefore(new JWTAuthenticationFilter(),
                    UsernamePasswordAuthenticationFilter.class);
    // disable page caching
    httpSecurity.headers().cacheControl();
}
 
开发者ID:myliang,项目名称:fish-admin,代码行数:27,代码来源:WebSecurityConfig.java

示例5: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
	httpSecurity
		.csrf()
	    	.disable()
	    .exceptionHandling()
	        .authenticationEntryPoint(this.unauthorizedHandler)
	        .and()
	    .sessionManagement()
	    	.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
	        .and()
	    .authorizeRequests()
	        .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
	        .antMatchers("/auth/**").permitAll()
	        .antMatchers("/anonymous/**").permitAll()
	
	        .anyRequest().authenticated();
	
	    // Custom JWT based authentication
    httpSecurity
    	.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:Mediv85,项目名称:jwtExample,代码行数:23,代码来源:WebSecurityConfiguration.java

示例6: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable()
            .exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
            .and()
            .authorizeRequests()
            .antMatchers(HttpMethod.POST,"/**").authenticated()
            .antMatchers(HttpMethod.POST, "/login").permitAll()
            .and()
            .formLogin()
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .logout()
            .and()
            .addFilterBefore(new JwtLoginFilter(urlLogin, authenticationManager(), tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(new JwtAuthenticationFilter(tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .headers().cacheControl();
}
 
开发者ID:TraineeSIIp,项目名称:PepSIIrup-2017,代码行数:20,代码来源:WebSecurityConfig.java

示例7: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
    		.cors()
    		.and()
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            // All urls must be authenticated (filter for token always fires (/**)
            .authorizeRequests()
            	.antMatchers(HttpMethod.OPTIONS).permitAll()
            	.antMatchers("/auth/**").authenticated()
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); //.and()
    // Custom JWT based security filter
    httpSecurity
            .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
            

    // disable page caching
    // httpSecurity.headers().cacheControl();
}
 
开发者ID:awaters1,项目名称:spring-security-firebase,代码行数:23,代码来源:WebSecurityConfig.java

示例8: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()

            .exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and()

            // no need to create session as JWT auth is stateless and per request
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()

            .authorizeRequests()
            .antMatchers("/auth").permitAll()                   // allow anyone to try and authenticate
            .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() // allow CORS pre-flighting
            .anyRequest().authenticated();                      // lock down everything else

    // Add our custom JWT security filter before Spring Security's Username/Password filter
    httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);

    // Disable page caching in the browser
    httpSecurity.headers().cacheControl().disable();
}
 
开发者ID:gazbert,项目名称:bxbot-ui-server,代码行数:23,代码来源:WebSecurityConfig.java

示例9: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .csrf().disable() // We don't need CSRF for JWT based authentication
            .exceptionHandling()
            .authenticationEntryPoint(this.authenticationEntryPoint)
            .and()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
            .antMatchers(FORM_BASED_LOGIN_ENTRY_POINT).permitAll()
            .antMatchers(API_DOCS_ENTRY_POINT).permitAll()
            .antMatchers(HttpMethod.GET, TOKEN_BASED_AUTH_ENTRY_POINT).permitAll()
            .antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated()
            .anyRequest().permitAll()
            .and()
            .addFilterBefore(buildDeviceLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:kinota,项目名称:kinota-server,代码行数:21,代码来源:WebSecurityConfig.java

示例10: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
  protected void configure(HttpSecurity http) throws Exception {
http
		.csrf().disable()
		.exceptionHandling()
		.authenticationEntryPoint(this.authenticationEntryPoint)
		.and()
		.sessionManagement()
		.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
		.and()
		.authorizeRequests()
		.antMatchers(HttpMethod.POST, formBasedAuthEntry).permitAll()
		.antMatchers(HttpMethod.GET, apiAuthEntry).permitAll()
		.antMatchers(apiAuthEntry).authenticated()
		.antMatchers(dbStatusAuthEntry).access("hasIpAddress('127.0.0.1')")
		.anyRequest().permitAll()
		.and()
		.addFilterBefore(corsFilter(), SessionManagementFilter.class)
		.addFilterBefore(buildDeviceLoginProcessingFilter(),
				UsernamePasswordAuthenticationFilter.class)
		.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),
				UsernamePasswordAuthenticationFilter.class)
		.addFilterBefore(buildJwtTokenAuthenticationProcessingFilterDbStatus(),
				UsernamePasswordAuthenticationFilter.class);
  }
 
开发者ID:kinota,项目名称:kinota-server,代码行数:26,代码来源:WebSecurityConfig.java

示例11: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    
    // allow loading our single page application by everyone. not required if the page is hosted somewhere else.
    http.authorizeRequests().antMatchers("/").permitAll();
    
    // allow logout
    http.logout().logoutSuccessUrl("/").permitAll();

    // all  other services are protected.
    http.authorizeRequests().anyRequest().authenticated();

    // we are using token based authentication. csrf is not required.
    http.csrf().disable();
    
    // need a filter to validate the Jwt token from AzureAD and assign roles.
    // without this, the token will not be validated and the role is always ROLE_USER.
    http.addFilterBefore(azureAdJwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:yuhuachang,项目名称:spring-boot-oauth2-azuread,代码行数:20,代码来源:WebSecurityConfig.java

示例12: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
  //解决Refused to display 'http://......' in a frame because it set 'X-Frame-Options' to 'DENY'. "错误
  http.headers().frameOptions().disable();

  http.authorizeRequests().antMatchers("/").permitAll()
          .antMatchers("/**/session/**").authenticated()//登录即可获取session信息
          // 其他地址的访问均需验证权限(需要登录,且有指定的权限)
          .anyRequest().access("@permissionService.hasPermission(request,authentication)").and()
          .addFilterBefore(corsFilter,UsernamePasswordAuthenticationFilter.class)
          .addFilterAt(codeUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class).exceptionHandling()
          .authenticationEntryPoint((request, response, authException) -> {
            String result = JSON.toJSONString(JsonUtil.getResultJson(ResultCodeEnum.NOLOGIN));
            HttpHelper.setResponseJsonData(response,result);
          }).and()
          .addFilterBefore(corsFilter,LogoutFilter.class)
          .formLogin().loginProcessingUrl("/login").permitAll().and()
          .logout().logoutSuccessHandler(logoutSuccessHandler()).permitAll();
  http.csrf().disable();
}
 
开发者ID:fier-liu,项目名称:FCat,代码行数:21,代码来源:WebSecurityConfig.java

示例13: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
    .csrf().disable() // We don't need CSRF for JWT based authentication
    .exceptionHandling()
    .authenticationEntryPoint(this.authenticationEntryPoint)
    
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)

    .and()
        .authorizeRequests()
            .antMatchers(ADMIN_LOGIN_ENTRY_POINT).permitAll()
            .antMatchers(FORM_BASED_LOGIN_ENTRY_POINT).permitAll() // Login end-point
            .antMatchers(TOKEN_REFRESH_ENTRY_POINT).permitAll() // Token refresh end-point
    .and()
        .authorizeRequests()
            .antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated() // Protected API End-points
    .and()
        .addFilterBefore(buildAjaxLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
        .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:Apereo-Learning-Analytics-Initiative,项目名称:OpenLRW,代码行数:24,代码来源:WebSecurityConfig.java

示例14: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
    http// disable CSRF, http basic, form login
            .csrf().disable() //
            .httpBasic().disable() //
            .formLogin().disable()
            // ReST is stateless, no sessions
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) //
            .and()
            // return 403 when not authenticated
            .exceptionHandling().authenticationEntryPoint(new NoAuthenticationEntryPoint());

    // Let child classes set up authorization paths
    setupAuthorization(http);
    http.addFilterBefore(jsonWebTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
 
开发者ID:jeikerxiao,项目名称:SpringBootStudy,代码行数:17,代码来源:JsonWebTokenSecurityConfig.java

示例15: configure

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
	httpSecurity
		// we don't need CSRF because our token is invulnerable
		.csrf().disable()
		
		.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
		
		// don't create session
		.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
		
		.authorizeRequests()
		
		// allow auth url
		.antMatchers("/auth").permitAll()
		
		.anyRequest().authenticated();
	
	// custom JWT based security filter
	httpSecurity.addFilterBefore(authenticationFilterBean(), UsernamePasswordAuthenticationFilter.class);

	// disable page caching
	httpSecurity.headers().cacheControl();
}
 
开发者ID:ard333,项目名称:spring-boot-jjwt,代码行数:25,代码来源:WebSecurityConfig.java


注:本文中的org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。