本文整理匯總了Java中org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter類的典型用法代碼示例。如果您正苦於以下問題:Java UsernamePasswordAuthenticationFilter類的具體用法?Java UsernamePasswordAuthenticationFilter怎麽用?Java UsernamePasswordAuthenticationFilter使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
UsernamePasswordAuthenticationFilter類屬於org.springframework.security.web.authentication包,在下文中一共展示了UsernamePasswordAuthenticationFilter類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.anonymous().authorities("ROLE_ANONYMOUS")
.and()
.authorizeRequests()
.antMatchers("/login**", "/after**").permitAll()
.antMatchers("/deptanon.html").anonymous()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login.html")
.defaultSuccessUrl("/deptform.html")
.failureHandler(customFailureHandler)
.successHandler(customSuccessHandler)
.and()
.addFilterBefore(appAnonAuthFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilter(appAuthenticationFilter(authenticationManager()))
.logout().logoutUrl("/logout.html")
.logoutSuccessHandler(customLogoutHandler)
.and().exceptionHandling().authenticationEntryPoint(setAuthPoint());
http.csrf().disable();
}
示例2: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/api/auth", "/api/users/me", "/api/greetings/public").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
示例3: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http = http.addFilter(new WebAsyncManagerIntegrationFilter());
http = http.addFilterBefore(jwtAuthFilter(), UsernamePasswordAuthenticationFilter.class);
http
.antMatcher("/ext/**")
.csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and()
.headers().frameOptions().sameOrigin().and()
.authorizeRequests()
.antMatchers("/ext/stream/**", "/ext/coverArt*", "/ext/share/**", "/ext/hls/**")
.hasAnyRole("TEMP", "USER").and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.exceptionHandling().and()
.securityContext().and()
.requestCache().and()
.anonymous().and()
.servletApi();
}
示例4: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
// we don't need CSRF because our token is invulnerable
.csrf().disable()
.authorizeRequests()
// All urls must be authenticated (filter for token always fires (/**)
.antMatchers(HttpMethod.OPTIONS, "/login").permitAll()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.anyRequest().authenticated()
.and()
// Call our errorHandler if authentication/authorisation fails
.exceptionHandling()
.authenticationEntryPoint((httpServletRequest, httpServletResponse, e) -> httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"))
.and()
// don't create session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
// 添加一個過濾器 所有訪問 /login 的請求交給 JWTLoginFilter 來處理 這個類處理所有的JWT相關內容
.and().addFilterBefore(new JwtAuthenticationTokenFilter("/login", authenticationManager()),
UsernamePasswordAuthenticationFilter.class)
// 添加一個過濾器驗證其他請求的Token是否合法
.addFilterBefore(new JWTAuthenticationFilter(),
UsernamePasswordAuthenticationFilter.class);
// disable page caching
httpSecurity.headers().cacheControl();
}
示例5: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(this.unauthorizedHandler)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers("/auth/**").permitAll()
.antMatchers("/anonymous/**").permitAll()
.anyRequest().authenticated();
// Custom JWT based authentication
httpSecurity
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
示例6: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
.and()
.authorizeRequests()
.antMatchers(HttpMethod.POST,"/**").authenticated()
.antMatchers(HttpMethod.POST, "/login").permitAll()
.and()
.formLogin()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.logout()
.and()
.addFilterBefore(new JwtLoginFilter(urlLogin, authenticationManager(), tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(new JwtAuthenticationFilter(tokenAuthenticationService), UsernamePasswordAuthenticationFilter.class)
.headers().cacheControl();
}
示例7: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.cors()
.and()
// we don't need CSRF because our token is invulnerable
.csrf().disable()
// All urls must be authenticated (filter for token always fires (/**)
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/auth/**").authenticated()
.and()
// don't create session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); //.and()
// Custom JWT based security filter
httpSecurity
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
// disable page caching
// httpSecurity.headers().cacheControl();
}
示例8: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
// we don't need CSRF because our token is invulnerable
.csrf().disable()
.exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and()
// no need to create session as JWT auth is stateless and per request
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
.antMatchers("/auth").permitAll() // allow anyone to try and authenticate
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll() // allow CORS pre-flighting
.anyRequest().authenticated(); // lock down everything else
// Add our custom JWT security filter before Spring Security's Username/Password filter
httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
// Disable page caching in the browser
httpSecurity.headers().cacheControl().disable();
}
示例9: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable() // We don't need CSRF for JWT based authentication
.exceptionHandling()
.authenticationEntryPoint(this.authenticationEntryPoint)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(FORM_BASED_LOGIN_ENTRY_POINT).permitAll()
.antMatchers(API_DOCS_ENTRY_POINT).permitAll()
.antMatchers(HttpMethod.GET, TOKEN_BASED_AUTH_ENTRY_POINT).permitAll()
.antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated()
.anyRequest().permitAll()
.and()
.addFilterBefore(buildDeviceLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
}
示例10: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.exceptionHandling()
.authenticationEntryPoint(this.authenticationEntryPoint)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(HttpMethod.POST, formBasedAuthEntry).permitAll()
.antMatchers(HttpMethod.GET, apiAuthEntry).permitAll()
.antMatchers(apiAuthEntry).authenticated()
.antMatchers(dbStatusAuthEntry).access("hasIpAddress('127.0.0.1')")
.anyRequest().permitAll()
.and()
.addFilterBefore(corsFilter(), SessionManagementFilter.class)
.addFilterBefore(buildDeviceLoginProcessingFilter(),
UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),
UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(buildJwtTokenAuthenticationProcessingFilterDbStatus(),
UsernamePasswordAuthenticationFilter.class);
}
示例11: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
// allow loading our single page application by everyone. not required if the page is hosted somewhere else.
http.authorizeRequests().antMatchers("/").permitAll();
// allow logout
http.logout().logoutSuccessUrl("/").permitAll();
// all other services are protected.
http.authorizeRequests().anyRequest().authenticated();
// we are using token based authentication. csrf is not required.
http.csrf().disable();
// need a filter to validate the Jwt token from AzureAD and assign roles.
// without this, the token will not be validated and the role is always ROLE_USER.
http.addFilterBefore(azureAdJwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
示例12: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
//解決Refused to display 'http://......' in a frame because it set 'X-Frame-Options' to 'DENY'. "錯誤
http.headers().frameOptions().disable();
http.authorizeRequests().antMatchers("/").permitAll()
.antMatchers("/**/session/**").authenticated()//登錄即可獲取session信息
// 其他地址的訪問均需驗證權限(需要登錄,且有指定的權限)
.anyRequest().access("@permissionService.hasPermission(request,authentication)").and()
.addFilterBefore(corsFilter,UsernamePasswordAuthenticationFilter.class)
.addFilterAt(codeUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class).exceptionHandling()
.authenticationEntryPoint((request, response, authException) -> {
String result = JSON.toJSONString(JsonUtil.getResultJson(ResultCodeEnum.NOLOGIN));
HttpHelper.setResponseJsonData(response,result);
}).and()
.addFilterBefore(corsFilter,LogoutFilter.class)
.formLogin().loginProcessingUrl("/login").permitAll().and()
.logout().logoutSuccessHandler(logoutSuccessHandler()).permitAll();
http.csrf().disable();
}
示例13: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable() // We don't need CSRF for JWT based authentication
.exceptionHandling()
.authenticationEntryPoint(this.authenticationEntryPoint)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(ADMIN_LOGIN_ENTRY_POINT).permitAll()
.antMatchers(FORM_BASED_LOGIN_ENTRY_POINT).permitAll() // Login end-point
.antMatchers(TOKEN_REFRESH_ENTRY_POINT).permitAll() // Token refresh end-point
.and()
.authorizeRequests()
.antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated() // Protected API End-points
.and()
.addFilterBefore(buildAjaxLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
}
示例14: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity http) throws Exception {
http// disable CSRF, http basic, form login
.csrf().disable() //
.httpBasic().disable() //
.formLogin().disable()
// ReST is stateless, no sessions
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) //
.and()
// return 403 when not authenticated
.exceptionHandling().authenticationEntryPoint(new NoAuthenticationEntryPoint());
// Let child classes set up authorization paths
setupAuthorization(http);
http.addFilterBefore(jsonWebTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
示例15: configure
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; //導入依賴的package包/類
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
// we don't need CSRF because our token is invulnerable
.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// don't create session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
// allow auth url
.antMatchers("/auth").permitAll()
.anyRequest().authenticated();
// custom JWT based security filter
httpSecurity.addFilterBefore(authenticationFilterBean(), UsernamePasswordAuthenticationFilter.class);
// disable page caching
httpSecurity.headers().cacheControl();
}