本文整理汇总了Java中org.springframework.security.web.util.matcher.RequestMatcher类的典型用法代码示例。如果您正苦于以下问题:Java RequestMatcher类的具体用法?Java RequestMatcher怎么用?Java RequestMatcher使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
RequestMatcher类属于org.springframework.security.web.util.matcher包,在下文中一共展示了RequestMatcher类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: configure
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
// secure endpoints
RequestMatcher matcher = getRequestMatcher();
if (matcher != null) {
// Always protect them if present
if (this.security.isRequireSsl()) {
http.requiresChannel().anyRequest().requiresSecure();
}
AuthenticationEntryPoint entryPoint = entryPoint();
http.exceptionHandling().authenticationEntryPoint(entryPoint);
// Match all the requests for actuator endpoints ...
http.requestMatcher(matcher);
// ... but permitAll() for the non-sensitive ones
configurePermittedRequests(http.authorizeRequests());
http.httpBasic().authenticationEntryPoint(entryPoint);
// No cookies for management endpoints by default
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(
this.management.getSecurity().getSessions());
SpringBootWebSecurityConfiguration.configureHeaders(http.headers(),
this.security.getHeaders());
}
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:25,代码来源:ManagementWebSecurityAutoConfiguration.java
示例2: configure
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Override
protected void configure(HttpSecurity http) throws Exception {
List<RequestMatcher> csrfMethods = new ArrayList<>();
Arrays.asList( "POST", "PUT", "PATCH", "DELETE" )
.forEach( method -> csrfMethods.add( new AntPathRequestMatcher( "/**", method ) ) );
http
.sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS ).and()
.exceptionHandling().authenticationEntryPoint( restAuthenticationEntryPoint ).and()
.authorizeRequests()
.antMatchers(
HttpMethod.GET,
"/",
"/webjars/**",
"/*.html",
"/favicon.ico",
"/**/*.html",
"/**/*.css",
"/**/*.js"
).permitAll()
.antMatchers("/auth/**").permitAll()
.anyRequest().authenticated().and()
.addFilterBefore(new TokenAuthenticationFilter(tokenHelper, jwtUserDetailsService), BasicAuthenticationFilter.class);
http.csrf().disable();
}
示例3: isNeedToVerify
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
private boolean isNeedToVerify(HttpServletRequest request) {
for (RequestMatcher matcher : authRequests) {
if (matcher.matches(request)) {
return true;
}
}
return false;
}
示例4: authInterceptor
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Bean
public AuthenticationInterceptor authInterceptor() {
List<RequestMatcher> matchers = ImmutableList.of(
new AntPathRequestMatcher("/flows/**"),
new AntPathRequestMatcher("/user/register"),
new AntPathRequestMatcher("/user/delete"),
new AntPathRequestMatcher("/user"),
new AntPathRequestMatcher("/user/role/update"),
new AntPathRequestMatcher("/jobs/**"),
new AntPathRequestMatcher("/credentials/*"),
new AntPathRequestMatcher("/actions/**"),
new AntPathRequestMatcher("/message/**"),
new AntPathRequestMatcher("/agents/create"),
new AntPathRequestMatcher("/agents"),
new AntPathRequestMatcher("/roles/**"),
new AntPathRequestMatcher("/thread/config")
);
return new AuthenticationInterceptor(matchers);
}
示例5: RequestConfigMapping
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
public RequestConfigMapping(RequestMatcher matcher, Collection<ConfigAttribute> attributes) {
if (matcher == null) {
throw new IllegalArgumentException("matcher cannot be null");
}
Assert.notEmpty(attributes, "attributes cannot be null or emtpy");
this.matcher = matcher;
this.attributes = attributes;
}
示例6: getRequestMatcher
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
public static RequestMatcher getRequestMatcher(
ManagementContextResolver contextResolver) {
if (contextResolver == null) {
return null;
}
ManagementServerProperties management = contextResolver
.getApplicationContext().getBean(ManagementServerProperties.class);
ServerProperties server = contextResolver.getApplicationContext()
.getBean(ServerProperties.class);
String path = management.getContextPath();
if (StringUtils.hasText(path)) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(
server.getPath(path) + "/**");
return matcher;
}
// Match everything, including the sensitive and non-sensitive paths
return new LazyEndpointPathRequestMatcher(contextResolver, EndpointPaths.ALL);
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:19,代码来源:ManagementWebSecurityAutoConfiguration.java
示例7: buildSecurityMetadataSource
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
/****
* 基于url匹配拦截时,转换为ExpressionBasedFilterInvocationSecurityMetadataSource
* @param source
* @return
*/
@Override
@SuppressWarnings("unchecked")
public void buildSecurityMetadataSource(){
Assert.notNull(filterSecurityInterceptor);
this.buildRequestMap();
DefaultFilterInvocationSecurityMetadataSource originMetadata = (DefaultFilterInvocationSecurityMetadataSource)filterSecurityInterceptor.getSecurityMetadataSource();
//这个内置实现不支持一个url映射到多个表达式
// ExpressionBasedFilterInvocationSecurityMetadataSource fism = new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, securityExpressionHandler);
Map<RequestMatcher, Collection<ConfigAttribute>> originRequestMap = (Map<RequestMatcher, Collection<ConfigAttribute>>)ReflectUtils.getFieldValue(originMetadata, "requestMap", false);
if(originRequestMap!=null && !originRequestMap.isEmpty()){
this.requestMap.putAll(originRequestMap);
}
DefaultFilterInvocationSecurityMetadataSource fism = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
this.filterSecurityInterceptor.setSecurityMetadataSource(fism);
}
示例8: getFilterSecurityInterceptor
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
/**
* Gets the filter security interceptor.
*
* @return the filter security interceptor
*/
@Bean(name = "fsi")
public FilterSecurityInterceptor getFilterSecurityInterceptor() {
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setAuthenticationManager(getProviderManager());
interceptor.setAccessDecisionManager(getAffirmativeBased());
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
requestMap.put(new AntPathRequestMatcher("/adm/**"),
SecurityConfig.createListFromCommaDelimitedString("ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/adm/restartvm.ajax"), SecurityConfig
.createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/sql/**"), SecurityConfig
.createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/app/**"),
SecurityConfig.createListFromCommaDelimitedString(
"ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/**"),
SecurityConfig.createListFromCommaDelimitedString(
"ROLE_PROBEUSER,ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
interceptor
.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(requestMap));
return interceptor;
}
示例9: getAttributesMap
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
/**
* Get Attributes map from cache if cache set.
* @return Map
*/
@SuppressWarnings("unchecked")
private Map<RequestMatcher, Collection<ConfigAttribute>> getAttributesMap(){
if(cache!=null){
Map<RequestMatcher, Collection<ConfigAttribute>> map;
String key="ex.securityMetadataSource";
Element e=cache.get(key);
if(e!=null && !e.isExpired()){
log.debug("Cache [Hit] ex.securityMetadataSource: {}",e);
map= (Map<RequestMatcher, Collection<ConfigAttribute>>)e.getObjectValue();
}else{
map=processMap();
Element enew = new Element(key, map);
cache.put(enew);
log.debug("Cache [Update] ex.securityMetadataSource: {}",enew);
}
return map;
}
return processMap();
}
开发者ID:rockagen,项目名称:security-stateless-samples,代码行数:26,代码来源:ExFilterInvocationSecurityMetadataSource.java
示例10: execute
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
public void execute(FilterSecurityInterceptor filterSecurityInterceptor,
Map<String, String> resourceMap) {
Assert.notNull(filterSecurityInterceptor);
Assert.notNull(resourceMap);
logger.info("refresh url resource");
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
requestMap.put(new AntPathRequestMatcher(key),
SecurityConfig.createListFromCommaDelimitedString(value));
}
FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
filterSecurityInterceptor.setSecurityMetadataSource(source);
}
示例11: getAttributes
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Override
public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
FilterInvocation filterInvocation = (FilterInvocation) object;
for (String url : resourceMap.keySet()) {
RequestMatcher requestMatcher = new AntPathRequestMatcher(url);
HttpServletRequest httpRequest = filterInvocation.getHttpRequest();
if (requestMatcher.matches(httpRequest)) {
return resourceMap.get(url);
}
}
return null;
}
示例12: JwtTokenAuthenticationProcessingFilter
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Autowired
public JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler failureHandler,
TokenExtractor tokenExtractor, RequestMatcher matcher) {
super(matcher);
this.failureHandler = failureHandler;
this.tokenExtractor = tokenExtractor;
}
示例13: SkipPathRequestMatcher
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@SuppressWarnings("deprecation")
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
Assert.notNull(pathsToSkip);
List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
matchers = new OrRequestMatcher(m);
processingMatcher = new AntPathRequestMatcher(processingPath);
}
示例14: JwtTokenAuthenticationProcessingFilter
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
@Autowired
public JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler failureHandler,
TokenExtractor tokenExtractor, RequestMatcher matcher) {
super(matcher);
this.failureHandler = failureHandler;
this.tokenExtractor = tokenExtractor;
}
示例15: SkipPathRequestMatcher
import org.springframework.security.web.util.matcher.RequestMatcher; //导入依赖的package包/类
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
Assert.notNull(pathsToSkip);
List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path))
.collect(Collectors.toList());
matchers = new OrRequestMatcher(m);
processingMatcher = new AntPathRequestMatcher(processingPath);
}