/**
 * Wires SMS-based login into the security filter chain.
 *
 * <p>Builds a {@code SmsAuthenticationProvider} backed by {@code userDetailService} and a
 * {@code SmsAuthenticationFilter} that uses the shared {@link AuthenticationManager} and the
 * configured success/failure handlers, then registers both on {@code http}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    SmsAuthenticationProvider provider = new SmsAuthenticationProvider();
    provider.setUserDetailService(userDetailService);

    // The filter is created with `new` rather than injected, so it only exists inside this chain.
    SmsAuthenticationFilter filter = new SmsAuthenticationFilter();
    filter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
    filter.setAuthenticationSuccessHandler(authenticationSuccessHandler);
    filter.setAuthenticationFailureHandler(authenticationFailureHandler);

    // NOTE(review): nothing here validates the SMS code or limits attempts; presumably the
    // provider (or a filter placed earlier in the chain) does that. Confirm.
    http.authenticationProvider(provider);
    http.addFilterAfter(filter, UsernamePasswordAuthenticationFilter.class);
}
} // closes the enclosing class, whose declaration is not part of this snippet
/**
 * Declares the URL rules, form login, logout and two custom filters.
 *
 * <ul>
 *   <li>"/" (and "/header.html") can be accessed without any authority.</li>
 *   <li>"/user" and every path below it require the "USER" role.</li>
 *   <li>The login page is "/login"; a successful login goes to "/user" by default.</li>
 *   <li>The logout URL is "/logout"; after logout the user is sent to "/login".</li>
 *   <li>CSRF protection stays enabled (the default).</li>
 * </ul>
 *
 * <p>NOTE(review): there is no {@code anyRequest()} rule, so paths outside the matchers below
 * are not covered by any rule in this method. Confirm that is intended.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        .antMatchers("/", "/header.html").permitAll()
        .antMatchers("/user/**").hasRole("USER");

    http.formLogin().loginPage("/login").defaultSuccessUrl("/user");

    http.logout().logoutUrl("/logout").logoutSuccessUrl("/login");

    // Add BeforeLoginFilter in front of UsernamePasswordAuthenticationFilter.
    http.addFilterBefore(new BeforeLoginFilter(), UsernamePasswordAuthenticationFilter.class);

    // Add AfterCsrfFilter behind CsrfFilter.
    http.addFilterAfter(new AfterCsrfFilter(), CsrfFilter.class);
}
/**
 * Wires mobile-number login into the security filter chain.
 *
 * <p>Registers a {@code MobileAuthenticationProvider} backed by {@code userService} and a
 * {@code MobileAuthenticationFilter} that uses the shared {@link AuthenticationManager}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    MobileAuthenticationProvider provider = new MobileAuthenticationProvider();
    provider.setUserService(userService);

    MobileAuthenticationFilter filter = new MobileAuthenticationFilter();
    filter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
    // Only a success handler is set; failures fall back to whatever the filter does by default.
    filter.setAuthenticationSuccessHandler(mobileLoginSuccessHandler);

    http.authenticationProvider(provider);
    http.addFilterAfter(filter, UsernamePasswordAuthenticationFilter.class);
}
} // closes the enclosing class, whose declaration is not part of this snippet
/**
 * Authorization-server security configuration that keeps the inherited rules and appends one
 * custom filter after {@link BasicAuthenticationFilter}.
 */
@Configuration
public class OAuth2Config extends AuthorizationServerSecurityConfiguration {

    /**
     * Applies the parent configuration first, then registers the custom filter.
     *
     * <p>{@code myFilter()} is not declared in the visible class body; presumably it is defined
     * elsewhere. Confirm.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);

        // Position in the chain: directly behind HTTP Basic authentication.
        Class<BasicAuthenticationFilter> anchor = BasicAuthenticationFilter.class;
        http.addFilterAfter(myFilter(), anchor);
    }
}
/**
 * Security configuration that disables CSRF protection, permits every request at the
 * URL-rule level and inserts {@code rolesFilter} into the chain.
 *
 * <p>NOTE(review): with {@code anyRequest().permitAll()} and CSRF off, any access control in
 * this chain would have to come from {@code rolesFilter} itself. Confirm that it enforces
 * what is expected.
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // NOTE(review): if TosFilter is also picked up as a servlet filter by the container
    // (Spring Boot does this for Filter beans), it may run twice per request. Confirm.
    @Autowired
    TosFilter rolesFilter;

    @Override
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.addFilterAfter(rolesFilter, AbstractPreAuthenticatedProcessingFilter.class);

        httpSecurity.csrf().disable();

        httpSecurity.authorizeRequests().anyRequest().permitAll();
    }
}
/**
 * Adds the shared filter of the given type, if one is registered, behind the most recently
 * added filter.
 *
 * <p>The filter is looked up on {@code serviceProviderBuilder}. When the lookup yields nothing,
 * the chain and {@code afterFilter} are left untouched. {@code Optional.of} throws a
 * {@link NullPointerException} if {@code serviceProviderBuilder} itself is {@code null}.
 *
 * @param http the security builder that receives the filter
 * @param filterClass the type used to look up the shared filter instance
 */
protected void addFilter(HttpSecurity http, Class<? extends Filter> filterClass) {
    Optional<? extends Filter> shared =
        Optional.of(serviceProviderBuilder).map(builder -> builder.getSharedObject(filterClass));

    shared.ifPresent(found -> {
        http.addFilterAfter(found, afterFilter);
        // The next filter is anchored on the runtime class of this one, not on filterClass.
        afterFilter = found.getClass();
    });
}
/**
 * Registers a {@code ClientErrorLoggingFilter} for the configured {@code errorCodes} behind
 * {@link FilterSecurityInterceptor}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    ClientErrorLoggingFilter loggingFilter = new ClientErrorLoggingFilter(errorCodes);
    // NOTE(review): what the filter writes to the log is not visible here; confirm that it
    // does not record credentials or tokens from the failed requests.
    http.addFilterAfter(loggingFilter, FilterSecurityInterceptor.class);
}
/**
 * Resource-server rules: the Swagger document is public, everything else requires
 * authentication, CSRF is disabled, and the custom access interceptor runs behind
 * {@link FilterSecurityInterceptor}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // Exclude the Swagger document from authentication.
    // NOTE(review): "/v2/api-docs" describes the API surface to unauthenticated callers;
    // confirm that this is acceptable outside development environments.
    http.authorizeRequests().antMatchers("/v2/api-docs").permitAll();

    // NOTE(review): CSRF is off; that is usually only safe when no cookie-based session
    // authenticates these requests. Confirm.
    http.csrf().disable();

    http.authorizeRequests()
        .anyRequest().authenticated()
        // false: the security interceptor is not limited to one run per request.
        .filterSecurityInterceptorOncePerRequest(false);

    http.addFilterAfter(securityAccessInterceptor(), FilterSecurityInterceptor.class);

    log.info("Security Access Control is enabled on Resource Server Application");
}
/**
 * Web-application rules: the Swagger document is public, everything else requires
 * authentication, CSRF is disabled, and the custom access interceptor runs behind
 * {@link FilterSecurityInterceptor}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Exclude the Swagger document from authentication.
    // NOTE(review): "/v2/api-docs" describes the API surface to unauthenticated callers;
    // confirm that this is acceptable outside development environments.
    http.authorizeRequests().antMatchers("/v2/api-docs").permitAll();

    // NOTE(review): CSRF is disabled for a web application. If browsers authenticate with a
    // session cookie, state-changing requests are left without CSRF protection. Confirm.
    http.csrf().disable();

    http.authorizeRequests()
        .anyRequest().authenticated()
        // false: the security interceptor is not limited to one run per request.
        .filterSecurityInterceptorOncePerRequest(false);

    http.addFilterAfter(securityAccessInterceptor(), FilterSecurityInterceptor.class);

    log.info("Security Access Control is enabled on Web Application");
}
} // closes the enclosing class, whose declaration is not part of this snippet
/**
 * Form login with two public endpoints, CSRF protection everywhere except {@code /api/**} and
 * {@code /mgmt/**}, and a CSRF header filter behind {@link CsrfFilter}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    http.formLogin();

    // NOTE(review): POST /api/applications is open to unauthenticated callers and sits inside
    // the CSRF-exempt "/api/**" range below. Confirm that another control (network
    // restriction, shared secret) limits who can reach it.
    http.authorizeRequests()
        .antMatchers(HttpMethod.POST, "/api/applications").permitAll()
        .antMatchers("/mgmt/health").permitAll()
        .anyRequest().authenticated();

    http.csrf()
        .ignoringAntMatchers("/api/**", "/mgmt/**")
        .csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Form login and logout, public access to "/" and to every {@code .html} path, authentication
 * for everything else, and CSRF protection with a custom token repository.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.formLogin();
    http.logout();

    // "/**/*.html" makes every .html resource public, at any depth.
    http.authorizeRequests()
        .antMatchers("/**/*.html", "/").permitAll()
        .anyRequest().authenticated();

    http.csrf().csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Form login and logout, public access to "/" and to every {@code .html} path, authentication
 * for everything else, and CSRF protection with a custom token repository.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.formLogin();
    http.logout();

    // "/**/*.html" makes every .html resource public, at any depth.
    http.authorizeRequests()
        .antMatchers("/**/*.html", "/").permitAll()
        .anyRequest().authenticated();

    http.csrf().csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Form login and logout, public access to "/" and to every {@code .html} path, authentication
 * for everything else, and CSRF protection with a custom token repository.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.formLogin();
    http.logout();

    // "/**/*.html" makes every .html resource public, at any depth.
    http.authorizeRequests()
        .antMatchers("/**/*.html", "/").permitAll()
        .anyRequest().authenticated();

    http.csrf().csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Public access to the landing pages and static front-end assets, authentication for
 * everything else, and CSRF protection with a custom token repository.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // "/elements/*" covers one path level only, while "/bower_components/**" covers any depth.
    http.authorizeRequests()
        .antMatchers("/index.html", "/home.html", "/", "/bower_components/**", "/elements/*")
        .permitAll()
        .anyRequest().authenticated();

    http.csrf().csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Two public endpoints, authentication for everything else, CSRF protection everywhere except
 * {@code /api/**} and {@code /mgmt/**}, and a CSRF header filter behind {@link CsrfFilter}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): POST /api/applications is open to unauthenticated callers and sits inside
    // the CSRF-exempt "/api/**" range below. Confirm that another control (network
    // restriction, shared secret) limits who can reach it.
    http.authorizeRequests()
        .antMatchers(HttpMethod.POST, "/api/applications").permitAll()
        .antMatchers("/mgmt/health").permitAll()
        .anyRequest().authenticated();

    http.csrf()
        .ignoringAntMatchers("/api/**", "/mgmt/**")
        .csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
/**
 * Adds the OAuth2 SSO filter held in {@code this.filter} behind
 * {@link AbstractPreAuthenticatedProcessingFilter}.
 *
 * <p>The filter receives the builder's shared {@link SessionAuthenticationStrategy} before it
 * is registered, so an SSO login uses the session handling configured on the builder.
 *
 * @param builder the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity builder) throws Exception {
    SessionAuthenticationStrategy sessionStrategy =
        builder.getSharedObject(SessionAuthenticationStrategy.class);

    this.filter.setSessionAuthenticationStrategy(sessionStrategy);
    builder.addFilterAfter(this.filter, AbstractPreAuthenticatedProcessingFilter.class);
}
/**
 * Adds the OAuth2 SSO filter held in {@code this.filter} behind
 * {@link AbstractPreAuthenticatedProcessingFilter}.
 *
 * <p>The filter receives the builder's shared {@link SessionAuthenticationStrategy} before it
 * is registered, so an SSO login uses the session handling configured on the builder.
 *
 * @param builder the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity builder) throws Exception {
    SessionAuthenticationStrategy sessionStrategy =
        builder.getSharedObject(SessionAuthenticationStrategy.class);

    this.filter.setSessionAuthenticationStrategy(sessionStrategy);
    builder.addFilterAfter(this.filter, AbstractPreAuthenticatedProcessingFilter.class);
}
/**
 * Enables CSRF protection with a JWT-backed token repository and adds a
 * {@code JwtCsrfValidatorFilter} behind {@link CsrfFilter}; every path is permitted at the
 * URL-rule level.
 *
 * <p>NOTE(review): {@code antMatchers("/**").permitAll()} means this chain authenticates
 * nothing; only the CSRF check applies, minus the paths in {@code ignoreCsrfAntMatchers}.
 * Confirm that this is intended.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.addFilterAfter(new JwtCsrfValidatorFilter(), CsrfFilter.class);

    http.csrf()
        .csrfTokenRepository(jwtCsrfTokenRepository)
        .ignoringAntMatchers(ignoreCsrfAntMatchers);

    http.authorizeRequests().antMatchers("/**").permitAll();
}
/**
 * SSO-fronted web application: static assets and the landing/login paths are public,
 * everything else requires authentication, unauthenticated users are sent to "/", and CSRF
 * protection uses a custom token repository.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.antMatcher("/**");

    http.authorizeRequests()
        .antMatchers("/", "/login**", "/lib/**", "/js/**", "/img/**", "/css/**", "/fonts/**", "/templates/**")
        .permitAll()
        .anyRequest().authenticated();

    // Unauthenticated requests are redirected to the landing page instead of a login form.
    http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"));

    http.logout().logoutSuccessUrl("/").permitAll();

    http.csrf().csrfTokenRepository(csrfTokenRepository());

    // Runs after CsrfFilter; presumably it hands the token to the client. Confirm.
    http.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
    http.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
/**
 * Wires AJAX login into the security filter chain.
 *
 * <p>Registers an {@code AjaxAuthenticationProvider} backed by {@code userFeignApi} and an
 * {@code AjaxAuthenticationFilter} that uses the shared {@link AuthenticationManager} and
 * {@code jwtLoginSuccessHandler}.
 *
 * @param http the security builder being configured
 * @throws Exception if the builder rejects the configuration
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    AjaxAuthenticationProvider provider = new AjaxAuthenticationProvider();
    provider.setUserFeignApi(userFeignApi);

    AjaxAuthenticationFilter filter = new AjaxAuthenticationFilter();
    filter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
    // Only a success handler is set; failures fall back to whatever the filter does by default.
    filter.setAuthenticationSuccessHandler(jwtLoginSuccessHandler);

    http.authenticationProvider(provider);
    http.addFilterAfter(filter, UsernamePasswordAuthenticationFilter.class);
}
} // closes the enclosing class, whose declaration is not part of this snippet