当前位置: 首页>>代码示例>>Java>>正文


Java CsrfToken类代码示例

本文整理汇总了Java中org.springframework.security.web.csrf.CsrfToken的典型用法代码示例。如果您正苦于以下问题:Java CsrfToken类的具体用法?Java CsrfToken怎么用?Java CsrfToken使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


CsrfToken类属于org.springframework.security.web.csrf包,在下文中一共展示了CsrfToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    // Spring put the CSRF token in session attribute "_csrf"
    CsrfToken csrfToken = (CsrfToken) request.getAttribute("_csrf");

    // Send the cookie only if the token has changed
    String actualToken = request.getHeader("X-CSRF-TOKEN");
    if (actualToken == null || !actualToken.equals(csrfToken.getToken())) {
        // Session cookie that will be used by AngularJS
        String pCookieName = "CSRF-TOKEN";
        Cookie cookie = new Cookie(pCookieName, csrfToken.getToken());
        cookie.setMaxAge(-1);
        cookie.setHttpOnly(false);
        cookie.setPath("/");
        response.addCookie(cookie);
    }
    filterChain.doFilter(request, response);
}
 
开发者ID:GastonMauroDiaz,项目名称:buenojo,代码行数:19,代码来源:CsrfCookieGeneratorFilter.java

示例2: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
				FilterChain filterChain) throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
				String token = csrf.getToken();
				if (cookie == null || token != null && !token.equals(cookie.getValue())) {
					cookie = new Cookie("XSRF-TOKEN", token);
					cookie.setPath("/");
					response.addCookie(cookie);
				}
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
开发者ID:ksambhav,项目名称:trueyes,代码行数:20,代码来源:WebfrontUIApplication.java

示例3: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
    throws ServletException, IOException
{
  CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
  if (csrf != null) {
    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
    String token = csrf.getToken();
    if (cookie == null || token != null && !token.equals(cookie.getValue())) {
      cookie = new Cookie("XSRF-TOKEN", token);
      cookie.setPath("/");
      response.addCookie(cookie);
    }
  }
  filterChain.doFilter(request, response);
}
 
开发者ID:kreinhard,项目名称:OpenViSu,代码行数:17,代码来源:CsrfHeaderFilter.java

示例4: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {
        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                        FilterChain filterChain) throws ServletException, IOException {
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                if (cookie == null || token != null && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
}
 
开发者ID:restbucks,项目名称:restbucks-member,代码行数:20,代码来源:WebSecurityConfiguration.java

示例5: postHandle

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response,
		Object handler, ModelAndView modelAndView) throws Exception {
	
	// A veces "modelAndView" es null cuando no encuentra la pagina
	if (modelAndView != null) {
		// CSRF
		CsrfToken token = (CsrfToken) request.getAttribute("_csrf");
		modelAndView.addObject("_csrf", token);
		
		// User role
		if (sessionService.getUsuarioActual() != null) {
			modelAndView.addObject("isAdmin", sessionService.usuarioActualHasRole("ROLE_ADMIN"));
		}
	}
	
}
 
开发者ID:arubioVK,项目名称:La-Apostada,代码行数:18,代码来源:HandlerConfiguration.java

示例6: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request,
		                                HttpServletResponse response, FilterChain filterChain)
				throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request
					.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = new Cookie("XSRF-TOKEN",
						csrf.getToken());
				cookie.setPath("/");
				response.addCookie(cookie);
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
开发者ID:JerryNiu,项目名称:cloud,代码行数:19,代码来源:ResourceServerConfig.java

示例7: getCsrfToken

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
/**
 * Retrieves the CSRF token from the server session.
 *
 * @param request {@link HttpServletRequest} to retrieve the current session from
 * @param response {@link HttpServletResponse} to send additional information
 * @return the Spring Security {@link CsrfToken}
 */
@Produces(MediaType.APPLICATION_JSON)
@GET
@Path("/csrftoken/")
@PermitAll
public CsrfToken getCsrfToken(@Context HttpServletRequest request, @Context HttpServletResponse response) {

  // return (CsrfToken) request.getSession().getAttribute(
  // HttpSessionCsrfTokenRepository.class.getName().concat(".CSRF_TOKEN"));
  CsrfToken token = this.csrfTokenRepository.loadToken(request);
  if (token == null) {
    LOG.warn("No CsrfToken could be found - instanciating a new Token");
    token = this.csrfTokenRepository.generateToken(request);
    this.csrfTokenRepository.saveToken(token, request, response);
  }
  return token;
}
 
开发者ID:oasp,项目名称:oasp-tutorial-sources,代码行数:24,代码来源:SecurityRestServiceImpl.java

示例8: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter()
{
  return new OncePerRequestFilter() {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException
    {
      CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
      if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if (cookie == null || token != null && !token.equals(cookie.getValue())) {
          cookie = new Cookie("XSRF-TOKEN", token);
          cookie.setPath("/");
          response.addCookie(cookie);
        }
      }
      filterChain.doFilter(request, response);
    }
  };
}
 
开发者ID:kreinhard,项目名称:OpenViSu,代码行数:22,代码来源:SecurityConfiguration.java

示例9: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
protected void doFilterInternal(
        HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
    if (ignoredMatcher.matches(request)) {
        filterChain.doFilter(request, response);
        return;
    }

    final CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());

    if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, ANGULAR_CSRF_DEFAULT_COOKIE_NAME);

        if (cookie == null || csrf.getToken() != null && !csrf.getToken().equals(cookie.getValue())) {
            cookie = new Cookie(ANGULAR_CSRF_DEFAULT_COOKIE_NAME, csrf.getToken());
            cookie.setMaxAge(-1);
            cookie.setPath(getCookiePath(request));
            cookie.setSecure(request.isSecure());
            response.addCookie(cookie);
        }
    }

    filterChain.doFilter(request, response);
}
 
开发者ID:suomenriistakeskus,项目名称:oma-riista-web,代码行数:26,代码来源:CsrfCookieGeneratorFilter.java

示例10: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
				String token = csrf.getToken();
				if (cookie == null || token != null && !token.equals(cookie.getValue())) {
					cookie = new Cookie("XSRF-TOKEN", token);
					cookie.setPath("/");
					response.addCookie(cookie);
				}
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
开发者ID:gjk0090,项目名称:complete-transaction-management,代码行数:19,代码来源:MainApplication.java

示例11: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {
        @Override
        protected void doFilterInternal(HttpServletRequest request,
                                        HttpServletResponse response, FilterChain filterChain)
                throws ServletException, IOException {
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
                    .getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                if (cookie == null || token != null
                        && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
}
 
开发者ID:ortolanph,项目名称:hojeehdiaderua,代码行数:23,代码来源:SecurityConfig.java

示例12: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request,
    HttpServletResponse response, FilterChain filterChain)
    throws ServletException, IOException {
  CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
      .getName());
  if (csrf != null) {
    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
    String token = csrf.getToken();
    if (cookie==null || token!=null && !token.equals(cookie.getValue())) {
      cookie = new Cookie("XSRF-TOKEN", token);
      cookie.setPath("/");
      response.addCookie(cookie);
    }
  }
  filterChain.doFilter(request, response);
}
 
开发者ID:denis-rodionov,项目名称:cityoffice,代码行数:18,代码来源:CsrfHeaderFilter.java

示例13: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    
	
	// Spring put the CSRF token in session attribute "_csrf"
    CsrfToken csrfToken = (CsrfToken) request.getAttribute("_csrf");

    // Send the cookie only if the token has changed
    String actualToken = request.getHeader("X-CSRF-TOKEN");
    if (actualToken == null || !actualToken.equals(csrfToken.getToken())) {
        // Session cookie that will be used by AngularJS
        String pCookieName = "CSRF-TOKEN";
        Cookie cookie = new Cookie(pCookieName, csrfToken.getToken());
        cookie.setMaxAge(-1);
        cookie.setHttpOnly(false);
        cookie.setPath("/");
        response.addCookie(cookie);
    }
    
	response.addHeader("Access-Control-Allow-Origin", "*");
	response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
	response.setHeader("Access-Control-Max-Age", "86400"); // 24 Hours
	response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, x-auth-token");
    
    filterChain.doFilter(request, response);
}
 
开发者ID:arhs-cube-gameofcode,项目名称:gameofcode,代码行数:27,代码来源:CsrfCookieGeneratorFilter.java

示例14: testSaveAndLoadToken

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
@Test
public void testSaveAndLoadToken() throws Exception {
    CookieCsrfTokenRepository csrfTokenRepository = new CookieCsrfTokenRepository();
    String csrfCookieName = "csrfCookie";
    csrfTokenRepository.setCsrfCookieName(csrfCookieName);
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    CsrfToken token = csrfTokenRepository.generateToken(request);
    csrfTokenRepository.saveToken(token, request, response);

    Cookie cookie = response.getCookie(csrfCookieName);
    assertNotNull(cookie);
    assertEquals(token.getToken(), cookie.getValue());
    assertEquals(true, cookie.isHttpOnly());

    request.setCookies(cookie);

    CsrfToken saved = csrfTokenRepository.loadToken(request);
    assertEquals(token.getToken(), saved.getToken());
    assertEquals(token.getHeaderName(), saved.getHeaderName());
    assertEquals(token.getParameterName(), saved.getParameterName());
}
 
开发者ID:AusDTO,项目名称:spring-security-stateless,代码行数:23,代码来源:CookieCsrfTokenRepositoryTest.java

示例15: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //导入依赖的package包/类
private Filter csrfHeaderFilter()
{
  return new OncePerRequestFilter()
  {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain filterChain)
      throws ServletException, IOException
    {
      CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
      if(csrf != null)
      {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if(cookie == null || token != null && !token.equals(cookie.getValue()))
        {
          cookie = new Cookie("XSRF-TOKEN", token);
          cookie.setPath("/");
          response.addCookie(cookie);
        }
      }
      filterChain.doFilter(request, response);
    }
  };
}
 
开发者ID:fetox74,项目名称:eve-oauth2-example,代码行数:26,代码来源:EveOAuth2Example.java


注:本文中的org.springframework.security.web.csrf.CsrfToken类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。