本文整理汇总了Java中org.springframework.security.web.savedrequest.NullRequestCache类的典型用法代码示例。如果您正苦于以下问题:Java NullRequestCache类的具体用法?Java NullRequestCache怎么用?Java NullRequestCache使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
NullRequestCache类属于org.springframework.security.web.savedrequest包,在下文中一共展示了NullRequestCache类的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/game/**", "/app/**").authenticated()
.and()
.requestCache()
.requestCache(new NullRequestCache())
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.deleteCookies()
.invalidateHttpSession(true)
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
.apply(securityConfigurer());
}
示例2: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// 关闭csrf验证
http.csrf().disable()
// 对请求进行认证
.authorizeRequests()
// 所有 / 的所有请求 都放行
.antMatchers("/").permitAll()
.antMatchers("/bootstrap-3.3.7-dist/**", "/bootstrap-switch-master/**").permitAll()
.antMatchers("/bootstrap-table/**", "/Font-Awesome-3.2.1/**", "/favicon.ico").permitAll()
.antMatchers("/images/**", "/css/**", "/js/**", "/laydate/**", "/nprogress/**").permitAll()
.antMatchers("/swagger/**", "/theme/**", "/webuploader/**", "/jquery-i18n-properties/**").permitAll()
// 所有 /login 的POST请求 都放行
.antMatchers(HttpMethod.POST, "/login").permitAll()
// 所有请求需要身份认证
.anyRequest().authenticated()
.and()
// 对login进行过滤
.addFilterBefore(new JWTLoginFilter("/login", authenticationManager()),
UsernamePasswordAuthenticationFilter.class)
// 对其他的api进行过滤
.addFilterBefore(new JWTAuthenticationFilter(),
UsernamePasswordAuthenticationFilter.class);
http.requestCache().requestCache(new NullRequestCache());
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
示例3: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/api/register").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.anyRequest().authenticated()
.and()
.requestCache()
.requestCache(new NullRequestCache())
.and()
.httpBasic()
.and()
.csrf().disable();
}
示例4: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// 关闭csrf验证
http.csrf().disable()
//.headers().frameOptions().disable()
//.and()
// 对请求进行认证
.authorizeRequests()
// 所有 / 的所有请求 都放行
.antMatchers("/").permitAll()
.antMatchers("/v1/batch/identify").permitAll()
.antMatchers("/bootstrap-3.3.7-dist/**", "/bootstrap-switch-master/**").permitAll()
.antMatchers("/bootstrap-table/**", "/Font-Awesome-3.2.1/**", "/favicon.ico").permitAll()
.antMatchers("/images/**", "/css/**", "/js/**", "/laydate/**", "/nprogress/**").permitAll()
.antMatchers("/swagger/**", "/theme/**", "/webuploader/**", "/jquery-i18n-properties/**").permitAll()
// 所有 /login 的POST请求 都放行
.antMatchers(HttpMethod.POST, "/login").permitAll()
// 所有请求需要身份认证
.anyRequest().authenticated()
.and()
// 对login进行过滤
.addFilterBefore(new JWTLoginFilter("/login", authenticationManager()),
UsernamePasswordAuthenticationFilter.class)
// 对其他的api进行过滤
.addFilterBefore(new JWTAuthenticationFilter(),
UsernamePasswordAuthenticationFilter.class);
http.requestCache().requestCache(new NullRequestCache());
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
示例5: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
SimpleUrlAuthenticationSuccessHandler simpleUrlAuthenticationSuccessHandler = new SimpleUrlAuthenticationSuccessHandler("/");
simpleUrlAuthenticationSuccessHandler.setUseReferer(false);
simpleUrlAuthenticationSuccessHandler.setTargetUrlParameter("url");
DefaultRedirectStrategy defaultRedirectStrategy = new DefaultRedirectStrategy();
simpleUrlAuthenticationSuccessHandler.setRedirectStrategy(defaultRedirectStrategy);
SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
simpleUrlLogoutSuccessHandler.setUseReferer(true);
// @formatter:off
http
.authorizeRequests()
.antMatchers(ckfinder.getServlet().getPath()).hasAnyRole("ADMIN")
.and()
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint())
.and()
.formLogin()
.loginPage("/login")
.usernameParameter("user_id1")
.passwordParameter("password1")
.successHandler(simpleUrlAuthenticationSuccessHandler)
.failureHandler(failureHandler())
.permitAll()
.and()
.headers()
.cacheControl().disable()
.httpStrictTransportSecurity().disable()
.frameOptions().sameOrigin()
.and()
.logout()
.logoutUrl("/logout.html")
.logoutSuccessHandler(simpleUrlLogoutSuccessHandler)
.permitAll()
.and()
.rememberMe()
.rememberMeParameter("rememberMe")
.tokenRepository(persistentTokenRepository)
.and()
.requestCache()
.requestCache(new NullRequestCache())
.and()
.servletApi();
// @formatter:on
}
示例6: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests().antMatchers("/", "/login**", "/webjars**").permitAll().anyRequest().authenticated().and()
.exceptionHandling()/*.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))*/.and()
.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/").permitAll().and()
.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
.addFilterBefore(this.ssoFilter(), DigestAuthenticationFilter.class)
.headers().httpStrictTransportSecurity().disable().and()
.requestCache().requestCache(new NullRequestCache()).and()
;
}
示例7: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/register/**", "/forgot-password/**", "/dist/**",
"/console/**", "/test**").permitAll().anyRequest().authenticated()
.and().formLogin().loginPage("/login")
.defaultSuccessUrl("/dashboard").permitAll().and().logout()
.permitAll().and().requestCache()
.requestCache(new NullRequestCache())
.and().sessionManagement().sessionFixation().none()
.and().csrf().disable();
http.headers().frameOptions().disable();
}
示例8: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.requestCache()
.requestCache(new NullRequestCache())
.and()
.httpBasic();
}
示例9: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
/**
* HTTP Security configuration
*
* <pre><http auto-config="true"></pre> is equivalent to:
* <pre>
* <http>
* <form-login />
* <http-basic />
* <logout />
* </http>
* </pre>
*
* Which is equivalent to the following JavaConfig:
*
* <pre>
* http.formLogin()
* .and().httpBasic()
* .and().logout();
* </pre>
*
* @param http HttpSecurity configuration.
* @throws Exception Authentication configuration exception
*
* @see <a href="http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-jc.html">
* Spring Security 3 to 4 migration</a>
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Matching
http.authorizeRequests()
// FIXME: TODO: Allow anyone to use H2 (NOTE: NOT FOR PRODUCTION USE EVER !!! )
.antMatchers("/admin/h2/**").permitAll()
.antMatchers("/", "/favicon*").permitAll()
.antMatchers("/login/*").permitAll()
.antMatchers("/logout").permitAll()
.antMatchers("/signin/**").permitAll()
.antMatchers("/signup/*").permitAll()
.antMatchers("/errors/**").permitAll()
.antMatchers("/admin/*").access("hasRole('ADMIN') and isFullyAuthenticated()")
.antMatchers("/events/").hasRole("ADMIN")
.antMatchers("/**").hasRole("USER");
http.requestCache().requestCache(new NullRequestCache());
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
// Login
http.formLogin()
.loginPage("/login/form")
.loginProcessingUrl("/login")
.failureUrl("/login/form?error")
.usernameParameter("username")
.passwordParameter("password")
.defaultSuccessUrl("/default", true)
.permitAll();
// Logout
http.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/login/form?logout").deleteCookies("JSESSIONID").invalidateHttpSession(true)
.permitAll();
// Anonymous
http.anonymous();
// CSRF is enabled by default, with Java Config
http.csrf().disable();
// Exception Handling
http.exceptionHandling()
.accessDeniedPage("/errors/403")
;
// Enable <frameset> in order to use H2 web console
http.headers().frameOptions().disable();
}
示例10: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
/**
* To keep readability, please do not use IDE's code organization feature for this code.
*
* Current format for security configuration is:
* .security feature() // Feature method to config
* .feature-specific configurations()
* .and() // And of the configuration for the feature
* .another security feature()
* .configuration()
*/
http
.authorizeRequests()
.antMatchers("/api/session").permitAll()
.antMatchers("/h2-console/**").permitAll()
.antMatchers("/api/**").authenticated()
.and()
.headers()
.frameOptions().disable() // for h2
.and()
.requestCache()
.requestCache(new NullRequestCache())
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
.rememberMe()
.rememberMeServices(rememberMeServices())
.key(oSoonProperties.getRememberMeKey())
.and()
.csrf()
.disable()
.logout()
.logoutRequestMatcher(r -> r.getMethod().equalsIgnoreCase("DELETE") && r.getRequestURI().equalsIgnoreCase("/api/session"))
.logoutSuccessUrl("/")
.clearAuthentication(true)
.deleteCookies(oSoonProperties.getCookieName())
.and()
.addFilterBefore(rememberMeAuthenticationFilter(), RememberMeAuthenticationFilter.class);
}
示例11: configure
import org.springframework.security.web.savedrequest.NullRequestCache; //导入依赖的package包/类
/**
* This method is used to inject access control policies into Spring
* security to control what resources / paths / http methods clients have
* access to.
*/
@Override
protected void configure(final HttpSecurity http) throws Exception {
// By default, Spring inserts a token into web pages to prevent
// cross-site request forgery attacks.
// See: http://en.wikipedia.org/wiki/Cross-site_request_forgery
//
// Unfortunately, there is no easy way with the default setup to communicate
// these CSRF tokens to a mobile client so we disable them.
// Don't worry, the next iteration of the example will fix this
// problem.
http.csrf().disable();
// We don't want to cache requests during login
http.requestCache().requestCache(new NullRequestCache());
// Allow all clients to access the login page and use
// it to login
http.formLogin()
// The default login url on Spring is "j_security_check" ...
// which isn't very friendly. We change the login url to
// something more reasonable ("/login").
.loginProcessingUrl(VideoSvcApi.LOGIN_PATH)
// The default login system is designed to redirect you to
// another URL after you successfully authenticate. For mobile
// clients, we don't want to be redirected, we just want to tell
// them that they successfully authenticated and return a session
// cookie to them. this extra configuration option ensures that the
// client isn't redirected anywhere with an HTTP 302 response code.
.successHandler(NO_REDIRECT_SUCCESS_HANDLER)
// Allow everyone to access the login URL
.permitAll();
// Make sure that clients can logout too!!
http.logout()
// Change the default logout path to /logout
.logoutUrl(VideoSvcApi.LOGOUT_PATH)
// Make sure that a redirect is not sent to the client
// on logout
.logoutSuccessHandler(JSON_LOGOUT_SUCCESS_HANDLER)
// Allow everyone to access the logout URL
.permitAll();
// Require clients to login and have an account with the "user" role
// in order to access /video
// http.authorizeRequests().antMatchers("/video").hasRole("user");
// Require clients to login and have an account with the "user" role
// in order to send a POST request to /video
// http.authorizeRequests().antMatchers(HttpMethod.POST, "/video").hasRole("user");
// We force clients to authenticate before accessing ANY URLs
// other than the login and lougout that we have configured above.
http.authorizeRequests().anyRequest().authenticated();
}