當前位置: 首頁>>代碼示例>>Java>>正文


Java CsrfToken類代碼示例

本文整理匯總了Java中org.springframework.security.web.csrf.CsrfToken的典型用法代碼示例。如果您正苦於以下問題:Java CsrfToken類的具體用法?Java CsrfToken怎麽用?Java CsrfToken使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。


CsrfToken類屬於org.springframework.security.web.csrf包,在下文中一共展示了CsrfToken類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    // Spring put the CSRF token in session attribute "_csrf"
    CsrfToken csrfToken = (CsrfToken) request.getAttribute("_csrf");

    // Send the cookie only if the token has changed
    String actualToken = request.getHeader("X-CSRF-TOKEN");
    if (actualToken == null || !actualToken.equals(csrfToken.getToken())) {
        // Session cookie that will be used by AngularJS
        String pCookieName = "CSRF-TOKEN";
        Cookie cookie = new Cookie(pCookieName, csrfToken.getToken());
        cookie.setMaxAge(-1);
        cookie.setHttpOnly(false);
        cookie.setPath("/");
        response.addCookie(cookie);
    }
    filterChain.doFilter(request, response);
}
 
開發者ID:GastonMauroDiaz,項目名稱:buenojo,代碼行數:19,代碼來源:CsrfCookieGeneratorFilter.java

示例2: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
				FilterChain filterChain) throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
				String token = csrf.getToken();
				if (cookie == null || token != null && !token.equals(cookie.getValue())) {
					cookie = new Cookie("XSRF-TOKEN", token);
					cookie.setPath("/");
					response.addCookie(cookie);
				}
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
開發者ID:ksambhav,項目名稱:trueyes,代碼行數:20,代碼來源:WebfrontUIApplication.java

示例3: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
    throws ServletException, IOException
{
  CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
  if (csrf != null) {
    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
    String token = csrf.getToken();
    if (cookie == null || token != null && !token.equals(cookie.getValue())) {
      cookie = new Cookie("XSRF-TOKEN", token);
      cookie.setPath("/");
      response.addCookie(cookie);
    }
  }
  filterChain.doFilter(request, response);
}
 
開發者ID:kreinhard,項目名稱:OpenViSu,代碼行數:17,代碼來源:CsrfHeaderFilter.java

示例4: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {
        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                        FilterChain filterChain) throws ServletException, IOException {
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                if (cookie == null || token != null && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
}
 
開發者ID:restbucks,項目名稱:restbucks-member,代碼行數:20,代碼來源:WebSecurityConfiguration.java

示例5: postHandle

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response,
		Object handler, ModelAndView modelAndView) throws Exception {
	
	// A veces "modelAndView" es null cuando no encuentra la pagina
	if (modelAndView != null) {
		// CSRF
		CsrfToken token = (CsrfToken) request.getAttribute("_csrf");
		modelAndView.addObject("_csrf", token);
		
		// User role
		if (sessionService.getUsuarioActual() != null) {
			modelAndView.addObject("isAdmin", sessionService.usuarioActualHasRole("ROLE_ADMIN"));
		}
	}
	
}
 
開發者ID:arubioVK,項目名稱:La-Apostada,代碼行數:18,代碼來源:HandlerConfiguration.java

示例6: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request,
		                                HttpServletResponse response, FilterChain filterChain)
				throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request
					.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = new Cookie("XSRF-TOKEN",
						csrf.getToken());
				cookie.setPath("/");
				response.addCookie(cookie);
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
開發者ID:JerryNiu,項目名稱:cloud,代碼行數:19,代碼來源:ResourceServerConfig.java

示例7: getCsrfToken

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
/**
 * Retrieves the CSRF token from the server session.
 *
 * @param request {@link HttpServletRequest} to retrieve the current session from
 * @param response {@link HttpServletResponse} to send additional information
 * @return the Spring Security {@link CsrfToken}
 */
@Produces(MediaType.APPLICATION_JSON)
@GET
@Path("/csrftoken/")
@PermitAll
public CsrfToken getCsrfToken(@Context HttpServletRequest request, @Context HttpServletResponse response) {

  // return (CsrfToken) request.getSession().getAttribute(
  // HttpSessionCsrfTokenRepository.class.getName().concat(".CSRF_TOKEN"));
  CsrfToken token = this.csrfTokenRepository.loadToken(request);
  if (token == null) {
    LOG.warn("No CsrfToken could be found - instanciating a new Token");
    token = this.csrfTokenRepository.generateToken(request);
    this.csrfTokenRepository.saveToken(token, request, response);
  }
  return token;
}
 
開發者ID:oasp,項目名稱:oasp-tutorial-sources,代碼行數:24,代碼來源:SecurityRestServiceImpl.java

示例8: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter()
{
  return new OncePerRequestFilter() {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException
    {
      CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
      if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if (cookie == null || token != null && !token.equals(cookie.getValue())) {
          cookie = new Cookie("XSRF-TOKEN", token);
          cookie.setPath("/");
          response.addCookie(cookie);
        }
      }
      filterChain.doFilter(request, response);
    }
  };
}
 
開發者ID:kreinhard,項目名稱:OpenViSu,代碼行數:22,代碼來源:SecurityConfiguration.java

示例9: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
protected void doFilterInternal(
        HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
    if (ignoredMatcher.matches(request)) {
        filterChain.doFilter(request, response);
        return;
    }

    final CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());

    if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, ANGULAR_CSRF_DEFAULT_COOKIE_NAME);

        if (cookie == null || csrf.getToken() != null && !csrf.getToken().equals(cookie.getValue())) {
            cookie = new Cookie(ANGULAR_CSRF_DEFAULT_COOKIE_NAME, csrf.getToken());
            cookie.setMaxAge(-1);
            cookie.setPath(getCookiePath(request));
            cookie.setSecure(request.isSecure());
            response.addCookie(cookie);
        }
    }

    filterChain.doFilter(request, response);
}
 
開發者ID:suomenriistakeskus,項目名稱:oma-riista-web,代碼行數:26,代碼來源:CsrfCookieGeneratorFilter.java

示例10: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter() {
	return new OncePerRequestFilter() {
		@Override
		protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
			CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
			if (csrf != null) {
				Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
				String token = csrf.getToken();
				if (cookie == null || token != null && !token.equals(cookie.getValue())) {
					cookie = new Cookie("XSRF-TOKEN", token);
					cookie.setPath("/");
					response.addCookie(cookie);
				}
			}
			filterChain.doFilter(request, response);
		}
	};
}
 
開發者ID:gjk0090,項目名稱:complete-transaction-management,代碼行數:19,代碼來源:MainApplication.java

示例11: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {
        @Override
        protected void doFilterInternal(HttpServletRequest request,
                                        HttpServletResponse response, FilterChain filterChain)
                throws ServletException, IOException {
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
                    .getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                if (cookie == null || token != null
                        && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
}
 
開發者ID:ortolanph,項目名稱:hojeehdiaderua,代碼行數:23,代碼來源:SecurityConfig.java

示例12: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
protected void doFilterInternal(HttpServletRequest request,
    HttpServletResponse response, FilterChain filterChain)
    throws ServletException, IOException {
  CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
      .getName());
  if (csrf != null) {
    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
    String token = csrf.getToken();
    if (cookie==null || token!=null && !token.equals(cookie.getValue())) {
      cookie = new Cookie("XSRF-TOKEN", token);
      cookie.setPath("/");
      response.addCookie(cookie);
    }
  }
  filterChain.doFilter(request, response);
}
 
開發者ID:denis-rodionov,項目名稱:cityoffice,代碼行數:18,代碼來源:CsrfHeaderFilter.java

示例13: doFilterInternal

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    
	
	// Spring put the CSRF token in session attribute "_csrf"
    CsrfToken csrfToken = (CsrfToken) request.getAttribute("_csrf");

    // Send the cookie only if the token has changed
    String actualToken = request.getHeader("X-CSRF-TOKEN");
    if (actualToken == null || !actualToken.equals(csrfToken.getToken())) {
        // Session cookie that will be used by AngularJS
        String pCookieName = "CSRF-TOKEN";
        Cookie cookie = new Cookie(pCookieName, csrfToken.getToken());
        cookie.setMaxAge(-1);
        cookie.setHttpOnly(false);
        cookie.setPath("/");
        response.addCookie(cookie);
    }
    
	response.addHeader("Access-Control-Allow-Origin", "*");
	response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
	response.setHeader("Access-Control-Max-Age", "86400"); // 24 Hours
	response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, x-auth-token");
    
    filterChain.doFilter(request, response);
}
 
開發者ID:arhs-cube-gameofcode,項目名稱:gameofcode,代碼行數:27,代碼來源:CsrfCookieGeneratorFilter.java

示例14: testSaveAndLoadToken

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
@Test
public void testSaveAndLoadToken() throws Exception {
    CookieCsrfTokenRepository csrfTokenRepository = new CookieCsrfTokenRepository();
    String csrfCookieName = "csrfCookie";
    csrfTokenRepository.setCsrfCookieName(csrfCookieName);
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    CsrfToken token = csrfTokenRepository.generateToken(request);
    csrfTokenRepository.saveToken(token, request, response);

    Cookie cookie = response.getCookie(csrfCookieName);
    assertNotNull(cookie);
    assertEquals(token.getToken(), cookie.getValue());
    assertEquals(true, cookie.isHttpOnly());

    request.setCookies(cookie);

    CsrfToken saved = csrfTokenRepository.loadToken(request);
    assertEquals(token.getToken(), saved.getToken());
    assertEquals(token.getHeaderName(), saved.getHeaderName());
    assertEquals(token.getParameterName(), saved.getParameterName());
}
 
開發者ID:AusDTO,項目名稱:spring-security-stateless,代碼行數:23,代碼來源:CookieCsrfTokenRepositoryTest.java

示例15: csrfHeaderFilter

import org.springframework.security.web.csrf.CsrfToken; //導入依賴的package包/類
private Filter csrfHeaderFilter()
{
  return new OncePerRequestFilter()
  {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain filterChain)
      throws ServletException, IOException
    {
      CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
      if(csrf != null)
      {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if(cookie == null || token != null && !token.equals(cookie.getValue()))
        {
          cookie = new Cookie("XSRF-TOKEN", token);
          cookie.setPath("/");
          response.addCookie(cookie);
        }
      }
      filterChain.doFilter(request, response);
    }
  };
}
 
開發者ID:fetox74,項目名稱:eve-oauth2-example,代碼行數:26,代碼來源:EveOAuth2Example.java


注:本文中的org.springframework.security.web.csrf.CsrfToken類示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。