本文整理汇总了Java中org.springframework.security.web.authentication.www.BasicAuthenticationFilter类的典型用法代码示例。如果您正苦于以下问题:Java BasicAuthenticationFilter类的具体用法?Java BasicAuthenticationFilter怎么用?Java BasicAuthenticationFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
BasicAuthenticationFilter类属于org.springframework.security.web.authentication.www包,在下文中一共展示了BasicAuthenticationFilter类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers(
"/",
"/public/**",
"/social/**",
"/login**",
"/webjars/**",
"/img/**",
"/css/**",
"/robots.txt").permitAll()
.anyRequest().authenticated()
.and().logout().logoutSuccessUrl("/").permitAll()
.and().formLogin().loginPage("/")
.and().csrf().csrfTokenRepository(csrfTokenRepository())
.and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
示例2: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.requiresChannel()
.anyRequest().requiresSecure();
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.csrf()
.disable();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.authorizeRequests()
.antMatchers("/saml/**").permitAll()
.antMatchers("/health").permitAll()
.antMatchers("/error").permitAll()
.anyRequest().authenticated();
}
示例3: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
List<RequestMatcher> csrfMethods = new ArrayList<>();
Arrays.asList( "POST", "PUT", "PATCH", "DELETE" )
.forEach( method -> csrfMethods.add( new AntPathRequestMatcher( "/**", method ) ) );
http
.sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS ).and()
.exceptionHandling().authenticationEntryPoint( restAuthenticationEntryPoint ).and()
.authorizeRequests()
.antMatchers(
HttpMethod.GET,
"/",
"/webjars/**",
"/*.html",
"/favicon.ico",
"/**/*.html",
"/**/*.css",
"/**/*.js"
).permitAll()
.antMatchers("/auth/**").permitAll()
.anyRequest().authenticated().and()
.addFilterBefore(new TokenAuthenticationFilter(tokenHelper, jwtUserDetailsService), BasicAuthenticationFilter.class);
http.csrf().disable();
}
示例4: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
//任何访问都必须授权
.anyRequest().fullyAuthenticated()
//配置那些路径可以不用权限访问
.mvcMatchers("/login", "/login/wechat").permitAll()
.and()
.formLogin()
//登陆成功后的处理,因为是API的形式所以不用跳转页面
.successHandler(new MyAuthenticationSuccessHandler())
//登陆失败后的处理
.failureHandler(new MySimpleUrlAuthenticationFailureHandler())
.and()
//登出后的处理
.logout().logoutSuccessHandler(new RestLogoutSuccessHandler())
.and()
//认证不通过后的处理
.exceptionHandling()
.authenticationEntryPoint(new RestAuthenticationEntryPoint());
http.addFilterAt(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);
http.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
//http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
http.csrf().disable();
}
示例5: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(tokenProcessingFilter(), BasicAuthenticationFilter.class).csrf().disable().httpBasic()
.and().authorizeRequests()
.antMatchers("/login/**", "/profile/**").hasRole("USER")
.and().authorizeRequests().anyRequest().permitAll()
/* .and()
.apply(new SpringSocialConfigurer()
) */
.and().authorizeRequests().antMatchers(
"/user/**",
"/users/**",
"/contacts**",
"/contacts/**",
"/contacts",
"/game/**",
"/games/**"
).hasRole("USER")
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
;
}
示例6: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/index.html").permitAll()
.anyRequest().fullyAuthenticated()//
.and()
.logout()
.logoutSuccessUrl("/")
.permitAll()
.and()
.addFilterAt(filter(), BasicAuthenticationFilter.class)
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
http.authorizeRequests().antMatchers("/CSS/**","/JS/**","/images/**").permitAll().anyRequest().permitAll();
}
示例7: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(final HttpSecurity http) throws Exception {
permitUri(http
.csrf().disable() // RESTful APIs are immune to CSRF
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() // RESTful APIs should be stateless
.exceptionHandling().authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
.formLogin().disable() // not needed for RESTful APIs
.logout().disable() // not needed for RESTful APIs
.httpBasic().disable() // not using basic authentication
.rememberMe().disable() // JWT do not need to remember me
.requestCache().disable() // RESTful APIs should not require caching
.x509().disable() // not using x509
.addFilterAt(jwtFilter, BasicAuthenticationFilter.class)
// add url that no need be authenticated
.authorizeRequests())
.anyRequest().authenticated();
}
示例8: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.regexMatcher("/rest/*")
.csrf().disable()
// never use server side sessions (stateless mode)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(RestAuthenticationServiceImpl.LOGIN_URL).permitAll()
.antMatchers(ApplicationController.WELCOME_URL).hasAnyAuthority(getAllRoles())
.antMatchers("/rest/**").authenticated()
.and()
.httpBasic().disable()
.formLogin().disable()
.rememberMe().disable()
.requestCache().disable()
.x509().disable()
.logout().disable()
//.anonymous().disable()
// add custom authentication filter
.addFilterBefore(this.getAuthenticationTokenProcessingFilter(), BasicAuthenticationFilter.class)
// register custom authentication exception handler
.exceptionHandling().authenticationEntryPoint(this.getEntryPointBean())
.accessDeniedHandler(this.getAccessDeniedHandler());
}
示例9: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http)
throws Exception
{
// @formatter:off
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/", "/login**", "/webjars/**").permitAll()
.anyRequest().authenticated()
.and().exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
.and().logout().logoutSuccessUrl("/").permitAll()
.and().csrf().csrfTokenRepository(csrfTokenRepository())
.and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
// @formatter:on
}
示例10: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/user/**").authenticated()
.anyRequest().permitAll()
.and().exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
.and()
.formLogin().loginPage("/login").loginProcessingUrl("/login.do").defaultSuccessUrl("/user/info")
.failureUrl("/login?err=1")
.permitAll()
.and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/")
.permitAll()
.and().addFilterBefore(githubFilter(), BasicAuthenticationFilter.class)
;
}
示例11: samlizedConfig
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
/**
* Fluent API that pre-configures HttpSecurity with SAML specific configuration.
*
* @param http HttpSecurity instance
* @return Same HttpSecurity instance
* @throws Exception Exception
*/
// CSRF must be disabled when processing /saml/** to prevent "Expected CSRF token not found" exception.
// See: http://stackoverflow.com/questions/26508835/spring-saml-extension-and-spring-security-csrf-protection-conflict/26560447
protected final HttpSecurity samlizedConfig(final HttpSecurity http) throws Exception {
http.httpBasic().authenticationEntryPoint(samlEntryPoint())
.and()
.csrf().ignoringAntMatchers("/saml/**")
.and()
.authorizeRequests().antMatchers("/saml/**").permitAll()
.and()
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(filterChainProxy(), BasicAuthenticationFilter.class);
// store CSRF token in cookie
if (samlConfigBean().getStoreCsrfTokenInCookie()) {
http.csrf()
.csrfTokenRepository(csrfTokenRepository())
.and()
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class);
}
return http;
}
开发者ID:choonchernlim,项目名称:spring-security-adfs-saml2,代码行数:30,代码来源:SAMLWebSecurityConfigurerAdapter.java
示例12: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
/**
* Security Config, to allow following requests without authorization.
* <ul>
* <li>show index.html Landing page</li>
* <li>allow loading of compiled JS and CSS</li>
* <li>allow loading of files in assets folder, e.g. BootsTrap CSS and BootsTrap or jQuery JS</li>
* <li>API requests</li>
* </ul>
*
* @param http {@link HttpSecurity}
* @throws Exception {@link Exception} if something goes wrong
* @since 1.1.1-SNAPSHOT
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
http
.antMatcher("/**")
.authorizeRequests()
.antMatchers(
"/", // allow request to root
"/login**", // allow login request
"/app/get/**", // allow default "get" requests
"/app/update/product/**/download", // allow updates to product, if it gets downloaded
"/app/download/product/**", // allow product downloads
"/index.html", "/**.js", "/**.css", "/**.woff", "/**.woff2", "/**.ttf", "/assets/**", // static resources
"/api**").permitAll()
.anyRequest().authenticated()
.and().logout().logoutSuccessUrl("/").permitAll()
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringAntMatchers("/nocsrf", "/console/**")
.and().exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
.and().headers().frameOptions().disable()
/**
* limit access to amazonaws domain
*/
// .addHeaderWriter(new StaticHeadersWriter("X-FRAME-OPTIONS", "ALLOW-FROM amazonaws.com"))
.and().addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
示例13: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
public void configure(H http) throws Exception {
AuthenticationTokenFilter af = getAuthenticationFilter();
if(authenticationDetailsSource != null) {
af.setAuthenticationDetailsSource(authenticationDetailsSource);
}
af.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
af.setAuthenticationSuccessHandler(new AuthenticationStubSuccessHandler());
SessionAuthenticationStrategy sessionAuthenticationStrategy = http.getSharedObject(SessionAuthenticationStrategy.class);
if(sessionAuthenticationStrategy != null) {
af.setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
}
AuthenticationTokenFilter filter = postProcess(af);
filter.setContinueChainAfterSuccessfulAuthentication(true);
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
}
示例14: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.authenticationEntryPoint(samlEntryPoint());
http
.csrf()
.disable();
http
.authorizeRequests()
.antMatchers("/", "/saml/**").permitAll()
.anyRequest().authenticated();
http
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.logout()
.logoutSuccessUrl("/");
}
示例15: configure
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers()
.antMatchers("/oauth/token", "/fb/oauth/access_token")
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.addFilterAfter(clientCredentialsTokenEndpointFilter(), BasicAuthenticationFilter.class)
.addFilterAfter(fbClientCredentialsTokenEndpointFilter(), BasicAuthenticationFilter.class)
.httpBasic()
.authenticationEntryPoint(clientAuthenticationEntryPoint())
.and()
.exceptionHandling()
.accessDeniedHandler(new OAuth2AccessDeniedHandler());
}