本文整理汇总了Java中org.springframework.security.web.util.matcher.AnyRequestMatcher类的典型用法代码示例。如果您正苦于以下问题:Java AnyRequestMatcher类的具体用法?Java AnyRequestMatcher怎么用?Java AnyRequestMatcher使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
AnyRequestMatcher类属于org.springframework.security.web.util.matcher包,在下文中一共展示了AnyRequestMatcher类的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configureHeaders
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
public static void configureHeaders(HeadersConfigurer<?> configurer,
SecurityProperties.Headers headers) throws Exception {
if (headers.getHsts() != Headers.HSTS.NONE) {
boolean includeSubdomains = headers.getHsts() == Headers.HSTS.ALL;
HstsHeaderWriter writer = new HstsHeaderWriter(includeSubdomains);
writer.setRequestMatcher(AnyRequestMatcher.INSTANCE);
configurer.addHeaderWriter(writer);
}
if (!headers.isContentType()) {
configurer.contentTypeOptions().disable();
}
if (!headers.isXss()) {
configurer.xssProtection().disable();
}
if (!headers.isCache()) {
configurer.cacheControl().disable();
}
if (!headers.isFrame()) {
configurer.frameOptions().disable();
}
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:22,代码来源:SpringBootWebSecurityConfiguration.java
示例2: configure
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
basicAuthenticationEntryPoint.afterPropertiesSet();
final Filter oauthFilter = oauthFilter();
final BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(
providerManager(), basicAuthenticationEntryPoint);
http.addFilterAfter(oauthFilter, basicAuthenticationFilter.getClass());
http.addFilterBefore(basicAuthenticationFilter, oauthFilter.getClass());
http.addFilterBefore(oAuth2AuthenticationProcessingFilter(), basicAuthenticationFilter.getClass());
this.authorizationProperties.getAuthenticatedPaths().add(dashboard("/**"));
this.authorizationProperties.getAuthenticatedPaths().add(dashboard(""));
ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security =
http.authorizeRequests()
.antMatchers(this.authorizationProperties.getPermitAllPaths().toArray(new String[0]))
.permitAll()
.antMatchers(this.authorizationProperties.getAuthenticatedPaths().toArray(new String[0]))
.authenticated();
security = SecurityConfigUtils.configureSimpleSecurity(security, this.authorizationProperties);
security.anyRequest().denyAll();
this.securityStateBean.setAuthorizationEnabled(true);
http.httpBasic().and()
.logout()
.logoutSuccessUrl(dashboard("/logout-success-oauth.html"))
.and().csrf().disable()
.exceptionHandling()
.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/api/**"))
.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/actuator/**"))
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint(this.authorizationProperties.getLoginProcessingUrl()),
AnyRequestMatcher.INSTANCE);
this.securityStateBean.setAuthenticationEnabled(true);
}
示例3: CsrfCookieGeneratorFilter
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
public CsrfCookieGeneratorFilter(final String... ignoredPatterns) {
if (ignoredPatterns.length > 0) {
this.ignoredMatcher = new OrRequestMatcher(Arrays.stream(ignoredPatterns)
.map(AntPathRequestMatcher::new)
.collect(toList()));
} else {
this.ignoredMatcher = new NegatedRequestMatcher(AnyRequestMatcher.INSTANCE);
}
}
示例4: configureHeaders
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
HstsHeaderWriter writer = new HstsHeaderWriter(false);
writer.setRequestMatcher(AnyRequestMatcher.INSTANCE);
headers.contentTypeOptions().and().xssProtection()
.and().cacheControl()
.and().frameOptions().sameOrigin()
.addHeaderWriter(writer);
}
示例5: createDelegate
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
private RequestMatcher createDelegate() {
ServerProperties server = ManagementWebSecurityConfigurerAdapter.this.server;
List<RequestMatcher> matchers = new ArrayList<RequestMatcher>();
EndpointHandlerMapping endpointHandlerMapping = ManagementWebSecurityConfigurerAdapter.this
.getRequiredEndpointHandlerMapping();
for (String path : this.endpointPaths.getPaths(endpointHandlerMapping)) {
matchers.add(new AntPathRequestMatcher(server.getPath(path)));
}
return (matchers.isEmpty() ? AnyRequestMatcher.INSTANCE
: new OrRequestMatcher(matchers));
}
示例6: addSecureChannel
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
private void addSecureChannel(List<Filter> filters, Protocol protocol) {
ChannelProcessingFilter channelProcessingFilter = new ChannelProcessingFilter();
channelProcessingFilter.setChannelDecisionManager(channelDecisionManager);
RequestMatcher anyRequest = AnyRequestMatcher.INSTANCE;
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
Collection<ConfigAttribute> configAtts = new ArrayList<>();
switch (protocol) {
case HTTP:
configAtts.add(new SecurityConfig("ANY_CHANNEL"));
break;
case HTTPS:
configAtts.add(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
break;
default:
}
requestMap.put(anyRequest, configAtts);
FilterInvocationSecurityMetadataSource securityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
channelProcessingFilter.setSecurityMetadataSource(securityMetadataSource);
filters.add(channelProcessingFilter);
}
示例7: configure
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
final LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
entryPoints.put(new AntPathRequestMatcher("/api/**"), new Http403ForbiddenEntryPoint());
entryPoints.put(AnyRequestMatcher.INSTANCE, new LoginUrlAuthenticationEntryPoint(FindController.DEFAULT_LOGIN_PAGE));
final AuthenticationEntryPoint authenticationEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
http
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.accessDeniedPage("/authentication-error")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl(FindController.DEFAULT_LOGIN_PAGE)
.and()
.authorizeRequests()
.antMatchers(FindController.APP_PATH + "/**").hasAnyRole(FindRole.USER.name())
.antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
.antMatchers("/api/public/**").hasRole(FindRole.USER.name())
.antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
.antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
.antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
.antMatchers(FindController.DEFAULT_LOGIN_PAGE).permitAll()
.antMatchers(FindController.LOGIN_PATH).permitAll()
.antMatchers("/").permitAll()
.anyRequest().denyAll()
.and()
.headers()
.defaultsDisabled()
.frameOptions()
.sameOrigin();
idolSecurityCustomizer.customize(http, authenticationManager());
}
示例8: configure
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
contentNegotiationStrategy,
MediaType.TEXT_HTML);
final String loginPage = dashboard("/#/login");
final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
basicAuthenticationEntryPoint.afterPropertiesSet();
http
.csrf()
.disable()
.authorizeRequests()
.antMatchers("/")
.authenticated()
.antMatchers(
dashboard("/**"),
"/authenticate",
"/security/info",
"/features",
"/assets/**").permitAll()
.and()
.formLogin().loginPage(loginPage)
.loginProcessingUrl(dashboard("/login"))
.defaultSuccessUrl(dashboard("/")).permitAll()
.and()
.logout().logoutUrl(dashboard("/logout"))
.logoutSuccessUrl(dashboard("/logout-success.html"))
.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
.and().httpBasic()
.and().exceptionHandling()
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint(loginPage),
textHtmlMatcher)
.defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint,
AnyRequestMatcher.INSTANCE)
.and()
.authorizeRequests()
.anyRequest().authenticated();
final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
sessionRepository());
sessionRepositoryFilter
.setHttpSessionStrategy(new HeaderHttpSessionStrategy());
http.addFilterBefore(sessionRepositoryFilter,
ChannelProcessingFilter.class).csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
示例9: configureHeaders
import org.springframework.security.web.util.matcher.AnyRequestMatcher; //导入依赖的package包/类
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
HstsHeaderWriter writer = new HstsHeaderWriter(false);
writer.setRequestMatcher(AnyRequestMatcher.INSTANCE);
headers.contentTypeOptions().and().xssProtection()
.and().cacheControl().and().addHeaderWriter(writer).frameOptions();
}