當前位置: 首頁>>代碼示例>>Java>>正文

Java SessionCreationPolicy類代碼示例

本文整理匯總了Java中org.springframework.security.config.http.SessionCreationPolicy的典型用法代碼示例。如果您正苦於以下問題:Java SessionCreationPolicy類的具體用法?Java SessionCreationPolicy怎麽用?Java SessionCreationPolicy使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。


SessionCreationPolicy類屬於org.springframework.security.config.http包,在下文中一共展示了SessionCreationPolicy類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {

  // Disable CSRF (cross site request forgery)
  http.csrf().disable();

  // No session will be created or used by spring security
  http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

  // Entry points
  http.authorizeRequests()//
      .antMatchers("/users/signin").permitAll()//
      .antMatchers("/users/signup").permitAll()//
      // Disallow everything else..
      .anyRequest().authenticated();

  // If a user try to access a resource without having enough permissions
  http.exceptionHandling().accessDeniedPage("/login");

  // Apply JWT
  http.apply(new JwtTokenFilterConfigurer(jwtTokenProvider));

  // Optional, if you want to test the API from a browser
  // http.httpBasic();
}
開發者ID:murraco,項目名稱:spring-boot-jwt,代碼行數:26,代碼來源:WebSecurityConfig.java

示例2: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
public void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/profile-info").permitAll()
        .antMatchers("/api/xm-entities/registration").permitAll()
        .antMatchers("/api/xm-entities/registration/activate/*").permitAll()
        .antMatchers("/api/xm-functions/call/ACCOUNT.VERIFY-CONTACT-DATA").permitAll()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll();
}
開發者ID:xm-online,項目名稱:xm-ms-entity,代碼行數:23,代碼來源:MicroserviceSecurityConfiguration.java

示例3: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll()
    .and()
        .apply(securityConfigurerAdapter());
}
開發者ID:oktadeveloper,項目名稱:jhipster-microservices-example,代碼行數:21,代碼來源:MicroserviceSecurityConfiguration.java

示例4: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
      .authorizeRequests()
      .antMatchers("/react/login**", "/react/after**").permitAll()
      .anyRequest().authenticated()
      .and()
      .formLogin()
      .loginPage("/react/login.html")
      .defaultSuccessUrl("/react/menu.html")
      .failureUrl("/react/login.html?error=true")
      .and().logout().logoutUrl("/react/logout.html")
      .logoutSuccessUrl("/react/after_logout.html")
      .and().sessionManagement()
      .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
      
     http.csrf().disable();    
}
開發者ID:PacktPublishing,項目名稱:Spring-5.0-Cookbook,代碼行數:19,代碼來源:AppSecurityConfig.java

示例5: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/auth/login").permitAll()
            .antMatchers("/image/**").permitAll()
            .antMatchers(HttpMethod.GET, "/store/**").permitAll()
            .antMatchers(HttpMethod.POST, "/user/").permitAll()
            .antMatchers(HttpMethod.POST, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.PUT, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.DELETE, "/product/**").hasAuthority(ROLE_ADMIN.name())
            .antMatchers(HttpMethod.POST, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.PUT, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.DELETE, "/stock/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STOCK_MANAGER.name())
            .antMatchers(HttpMethod.POST, "/store/").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .antMatchers(HttpMethod.PUT, "/store/").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .antMatchers(HttpMethod.DELETE, "/store/**").hasAnyAuthority(ROLE_ADMIN.name(), ROLE_STORE_MANAGER.name())
            .anyRequest().authenticated()
            .and()
            .addFilterBefore(filter(), UsernamePasswordAuthenticationFilter.class)
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .csrf().disable();
}
開發者ID:akraskovski,項目名稱:product-management-system,代碼行數:24,代碼來源:SecurityConfig.java

示例6: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
public void configure(HttpSecurity http) throws Exception {
    http
        .csrf()
        .disable()
        .headers()
        .frameOptions()
        .disable()
    .and()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
        .authorizeRequests()
        .antMatchers("/api/profile-info").permitAll()
        .antMatchers("/api/**").authenticated()
        .antMatchers("/management/health").permitAll()
        .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .antMatchers("/swagger-resources/configuration/ui").permitAll();
}
開發者ID:xm-online,項目名稱:xm-ms-balance,代碼行數:20,代碼來源:MicroserviceSecurityConfiguration.java

示例7: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
	http
		.csrf()
		.disable()
		.authorizeRequests()
			.antMatchers("/home/**").permitAll()
	.and()
		.authorizeRequests()
			.antMatchers(HttpMethod.GET, "/app/**").permitAll()
			.antMatchers(HttpMethod.POST, "/app/**").hasRole("SEAT")

	.and()
		.httpBasic()
		.realmName(REALM)
		.authenticationEntryPoint(getBasicAuthEntryPoint())
	.and()
		.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
開發者ID:edylle,項目名稱:hockey-game,代碼行數:20,代碼來源:SecurityConfiguration.java

示例8: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {	
	http.httpBasic();
	http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
	http.authorizeRequests().anyRequest().permitAll().anyRequest().anonymous();
	http.antMatcher("/**/orderbook").authorizeRequests().anyRequest().authenticated(); 
	http.csrf().disable();
}
開發者ID:Angular2Guy,項目名稱:AngularAndSpring,代碼行數:9,代碼來源:WebSecurityConfig.java

示例9: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {

    http = http.addFilter(new WebAsyncManagerIntegrationFilter());
    http = http.addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class);

    http
            .antMatcher("/ext/**")
            .csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and()
            .headers().frameOptions().sameOrigin().and()
            .authorizeRequests()
            .antMatchers("/ext/stream/**", "/ext/coverArt*", "/ext/share/**", "/ext/hls/**")
            .hasAnyRole("TEMP", "USER").and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
            .exceptionHandling().and()
            .securityContext().and()
            .requestCache().and()
            .anonymous().and()
            .servletApi();
}
開發者ID:airsonic,項目名稱:airsonic,代碼行數:21,代碼來源:GlobalSecurityConfig.java

示例10: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
@SuppressWarnings("PMD.SignatureDeclareThrowsException")
protected void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .addFilter(requestHeaderAuthenticationFilter())
        .addFilter(new AnonymousAuthenticationFilter("anonymous"))
        .authorizeRequests()
        .antMatchers(HttpMethod.OPTIONS).permitAll()
        .antMatchers("/api/v1/swagger.*").permitAll()
        .antMatchers("/api/v1/index.html").permitAll()
        .antMatchers("/api/v1/version").permitAll()
        .antMatchers(HttpMethod.GET, "/api/v1/credentials/callback").permitAll()
        .antMatchers("/api/v1/**").hasRole("AUTHENTICATED")
        .anyRequest().permitAll();

    http.csrf().disable();
}
開發者ID:syndesisio,項目名稱:syndesis,代碼行數:19,代碼來源:SecurityConfiguration.java

示例11: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            .authorizeRequests()
            // All urls must be authenticated (filter for token always fires (/**)
            .antMatchers(HttpMethod.OPTIONS, "/login").permitAll()
            .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
            .anyRequest().authenticated()
            .and()
            // Call our errorHandler if authentication/authorisation fails
            .exceptionHandling()
            .authenticationEntryPoint((httpServletRequest, httpServletResponse, e) -> httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"))
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            // 添加一個過濾器 所有訪問 /login 的請求交給 JWTLoginFilter 來處理 這個類處理所有的JWT相關內容
            .and().addFilterBefore(new JwtAuthenticationTokenFilter("/login", authenticationManager()),
                    UsernamePasswordAuthenticationFilter.class)
            // 添加一個過濾器驗證其他請求的Token是否合法
            .addFilterBefore(new JWTAuthenticationFilter(),
                    UsernamePasswordAuthenticationFilter.class);
    // disable page caching
    httpSecurity.headers().cacheControl();
}
開發者ID:myliang,項目名稱:fish-admin,代碼行數:27,代碼來源:WebSecurityConfig.java

示例12: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
	httpSecurity
		.csrf()
	    	.disable()
	    .exceptionHandling()
	        .authenticationEntryPoint(this.unauthorizedHandler)
	        .and()
	    .sessionManagement()
	    	.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
	        .and()
	    .authorizeRequests()
	        .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
	        .antMatchers("/auth/**").permitAll()
	        .antMatchers("/anonymous/**").permitAll()
	
	        .anyRequest().authenticated();
	
	    // Custom JWT based authentication
    httpSecurity
    	.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
開發者ID:Mediv85,項目名稱:jwtExample,代碼行數:23,代碼來源:WebSecurityConfiguration.java

示例13: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable()
            .exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
            .and()
            .authorizeRequests()
            .antMatchers(HttpMethod.POST,"/**").authenticated()
            .antMatchers(HttpMethod.POST, "/login").permitAll()
            .and()
            .formLogin()
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .logout()
            .and()
            .addFilterBefore(new JwtLoginFilter(urlLogin, authenticationManager(), tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(new JwtAuthenticationFilter(tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
            .headers().cacheControl();
}
開發者ID:TraineeSIIp,項目名稱:PepSIIrup-2017,代碼行數:20,代碼來源:WebSecurityConfig.java

示例14: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
    		.cors()
    		.and()
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()
            // All urls must be authenticated (filter for token always fires (/**)
            .authorizeRequests()
            	.antMatchers(HttpMethod.OPTIONS).permitAll()
            	.antMatchers("/auth/**").authenticated()
            .and()
            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); //.and()
    // Custom JWT based security filter
    httpSecurity
            .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
            

    // disable page caching
    // httpSecurity.headers().cacheControl();
}
開發者ID:awaters1,項目名稱:spring-security-firebase,代碼行數:23,代碼來源:WebSecurityConfig.java

示例15: configure

import org.springframework.security.config.http.SessionCreationPolicy; //導入依賴的package包/類
@Override
  protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(tokenProcessingFilter(), BasicAuthenticationFilter.class).csrf().disable().httpBasic()
      	.and().authorizeRequests()
              .antMatchers("/login/**", "/profile/**").hasRole("USER")
              .and().authorizeRequests().anyRequest().permitAll()
             /* .and()
          .apply(new SpringSocialConfigurer() 
      ) */
              .and().authorizeRequests().antMatchers(
              		"/user/**",
              		"/users/**",
              		"/contacts**",
              		"/contacts/**",
              		"/contacts",
              		"/game/**",
              		"/games/**"
              		).hasRole("USER")
              .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
              ;
  }
開發者ID:eduyayo,項目名稱:gamesboard,代碼行數:22,代碼來源:RestLoginSecurityContext.java


注:本文中的org.springframework.security.config.http.SessionCreationPolicy類示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。