Tabnine Logo
HttpSecurity.addFilterBefore
Code IndexAdd Tabnine to your IDE (free)

How to use
addFilterBefore
method
in
org.springframework.security.config.annotation.web.builders.HttpSecurity

Best Java code snippets using org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterBefore (Showing top 20 results out of 1,017)

Official Spring framework guide
origin: spring-guides/tut-spring-boot-oauth2

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll().anyRequest()
      .authenticated().and().exceptionHandling()
      .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout()
      .logoutSuccessUrl("/").permitAll().and().csrf()
      .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
      .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
  // @formatter:on
}
Official Spring framework guide
origin: spring-guides/tut-spring-boot-oauth2

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest()
      .authenticated().and().exceptionHandling()
      .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout()
      .logoutSuccessUrl("/").permitAll().and().csrf()
      .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
      .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
  // @formatter:on
}
Official Spring framework guide
origin: spring-guides/tut-spring-boot-oauth2

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest()
      .authenticated().and().exceptionHandling()
      .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout()
      .logoutSuccessUrl("/").permitAll().and().csrf()
      .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
      .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
  // @formatter:on
}
origin: spring-projects/spring-security

@Override
public void configure(HttpSecurity http) {
  http.addFilterBefore(this.myFilter, UsernamePasswordAuthenticationFilter.class);
}
origin: macrozheng/mall

httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
origin: alibaba/nacos

@Override
protected void configure(HttpSecurity http) throws Exception {
  http
    .authorizeRequests()
    .anyRequest().authenticated().and()
    // custom token authorize exception handler
    .exceptionHandling()
    .authenticationEntryPoint(unauthorizedHandler).and()
    // since we use jwt, session is not necessary
    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
    // since we use jwt, csrf is not necessary
    .csrf().disable();
  http.addFilterBefore(new JwtAuthenticationTokenFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
  // disable cache
  http.headers().cacheControl();
}
origin: stackoverflow.com

 @Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
  @Override
  protected void configure(HttpSecurity http) throws Exception {
    CharacterEncodingFilter filter = new CharacterEncodingFilter();
    filter.setEncoding("UTF-8");
    filter.setForceEncoding(true);
    http.addFilterBefore(filter,CsrfFilter.class);
    //rest of your code   
  }
//rest of your code
}
origin: spring-projects/spring-security-oauth

@Override
public void configure(HttpSecurity http) throws Exception {
  
  // ensure this is initialized
  frameworkEndpointHandlerMapping();
  if (allowFormAuthenticationForClients) {
    clientCredentialsTokenEndpointFilter(http);
  }
  for (Filter filter : tokenEndpointAuthenticationFilters) {
    http.addFilterBefore(filter, BasicAuthenticationFilter.class);
  }
  http.exceptionHandling().accessDeniedHandler(accessDeniedHandler);
}
origin: szerhusenBC/jwt-spring-security-demo

@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
  httpSecurity
    // we don't need CSRF because our token is invulnerable
    .csrf().disable()
    .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
    // don't create session
    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
    .authorizeRequests()
    // Un-secure H2 Database
    .antMatchers("/h2-console/**/**").permitAll()
    .antMatchers("/auth/**").permitAll()
    .anyRequest().authenticated();
  httpSecurity
    .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
  // disable page caching
  httpSecurity
    .headers()
    .frameOptions().sameOrigin()  // required to set for H2 else H2 Console will be blank.
    .cacheControl();
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
    .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
    .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
    .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

@Override
public void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
    .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
    .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: apache/nifi

@Override
protected void configure(HttpSecurity http) throws Exception {
  http
      .cors().and()
      .rememberMe().disable()
      .authorizeRequests()
        .anyRequest().fullyAuthenticated()
        .and()
      .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
  // x509
  http.addFilterBefore(x509FilterBean(), AnonymousAuthenticationFilter.class);
  // jwt
  http.addFilterBefore(jwtFilterBean(), AnonymousAuthenticationFilter.class);
  // otp
  http.addFilterBefore(otpFilterBean(), AnonymousAuthenticationFilter.class);
  // knox
  http.addFilterBefore(knoxFilterBean(), AnonymousAuthenticationFilter.class);
  // anonymous
  http.anonymous().authenticationFilter(anonymousFilterBean());
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off	
  http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
    // Just for laughs, apply OAuth protection to only 3 resources
    .requestMatchers().antMatchers("/","/admin/beans","/admin/health")
  .and()
    .authorizeRequests()
      .anyRequest().access("#oauth2.hasScope('read')").expressionHandler(new OAuth2WebSecurityExpressionHandler())
  .and()
    .anonymous().disable()
    .csrf().disable()
    .exceptionHandling()
      .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint())
      .accessDeniedHandler(new OAuth2AccessDeniedHandler());
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http.anonymous().disable()
    .antMatcher("/oauth/token")
    .authorizeRequests().anyRequest().authenticated()
  .and()
    .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
  .and()
    .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
    .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
  .and()
    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
  // @formatter:on
  ClientCredentialsTokenEndpointFilter filter = new ClientCredentialsTokenEndpointFilter();
  filter.setAuthenticationManager(super.authenticationManagerBean());
  filter.afterPropertiesSet();
  http.addFilterBefore(filter, BasicAuthenticationFilter.class);
}
origin: spring-projects/spring-security-oauth

@Override
public void configure(HttpSecurity http) throws Exception {
  AuthenticationManager oauthAuthenticationManager = oauthAuthenticationManager(http);
  resourcesServerFilter = new OAuth2AuthenticationProcessingFilter();
  resourcesServerFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
  resourcesServerFilter.setAuthenticationManager(oauthAuthenticationManager);
  if (eventPublisher != null) {
    resourcesServerFilter.setAuthenticationEventPublisher(eventPublisher);
  }
  if (tokenExtractor != null) {
    resourcesServerFilter.setTokenExtractor(tokenExtractor);
  }
  if (authenticationDetailsSource != null) {
    resourcesServerFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
  }
  resourcesServerFilter = postProcess(resourcesServerFilter);
  resourcesServerFilter.setStateless(stateless);
  // @formatter:off
  http
    .authorizeRequests().expressionHandler(expressionHandler)
  .and()
    .addFilterBefore(resourcesServerFilter, AbstractPreAuthenticatedProcessingFilter.class)
    .exceptionHandling()
      .accessDeniedHandler(accessDeniedHandler)
      .authenticationEntryPoint(authenticationEntryPoint);
  // @formatter:on
}
origin: spring-projects/spring-security-oauth

private ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter(HttpSecurity http) {
  ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter = new ClientCredentialsTokenEndpointFilter(
      frameworkEndpointHandlerMapping().getServletPath("/oauth/token"));
  clientCredentialsTokenEndpointFilter
      .setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
  OAuth2AuthenticationEntryPoint authenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
  authenticationEntryPoint.setTypeName("Form");
  authenticationEntryPoint.setRealmName(realm);
  clientCredentialsTokenEndpointFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
  clientCredentialsTokenEndpointFilter = postProcess(clientCredentialsTokenEndpointFilter);
  http.addFilterBefore(clientCredentialsTokenEndpointFilter, BasicAuthenticationFilter.class);
  return clientCredentialsTokenEndpointFilter;
}
origin: zhangxd1989/springboot-dubbox

  @Override
  protected void configure(HttpSecurity security) throws Exception {
    security
      .csrf().disable()
      .exceptionHandling().authenticationEntryPoint(new MyAuthenticationEntryPoint()).and()
      .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
      .authorizeRequests()
      .anyRequest().authenticated();

    // Custom JWT based security filter
    security
      .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
  }
}
org.springframework.security.config.annotation.web.buildersHttpSecurityaddFilterBefore

Popular methods of HttpSecurity

  • authorizeRequests
    Allows restricting access based upon the HttpServletRequest usingEXAMPLE CONFIGURATIONS The most bas
  • csrf
    Adds CSRF support. This is activated by default when using WebSecurityConfigurerAdapter's default co
  • logout
    Provides logout support. This is automatically applied when using WebSecurityConfigurerAdapter. The
  • formLogin
    Specifies to support form based authentication. If FormLoginConfigurer#loginPage(String) is not spec
  • httpBasic
    Configures HTTP Basic authentication.EXAMPLE CONFIGURATION The example below demonstrates how to con
  • exceptionHandling
    Allows configuring exception handling. This is automatically applied when using WebSecurityConfigure
  • sessionManagement
    Allows configuring of Session Management.EXAMPLE CONFIGURATION The following configuration demonstra
  • headers
    Adds the Security headers to the response. This is activated by default when using WebSecurityConfig
  • requestMatchers
    Allows specifying which HttpServletRequest instances this HttpSecurity will be invoked on. This meth
  • addFilterAfter
  • antMatcher
    Allows configuring the HttpSecurity to only be invoked when matching the provided ant pattern. If mo
  • anonymous
    Allows configuring how an anonymous user is represented. This is automatically applied when used in
  • antMatcher,
  • anonymous,
  • apply,
  • rememberMe,
  • getSharedObject,
  • cors,
  • requestMatcher,
  • authenticationProvider,
  • addFilter

Popular in Java

  • Creating JSON documents from java classes using gson
  • startActivity (Activity)
  • getSupportFragmentManager (FragmentActivity)
  • scheduleAtFixedRate (ScheduledExecutorService)
  • UnknownHostException (java.net)
    Thrown when a hostname can not be resolved.
  • Date (java.util)
    A specific moment in time, with millisecond precision. Values typically come from System#currentTime
  • PriorityQueue (java.util)
    A PriorityQueue holds elements on a priority heap, which orders the elements according to their natu
  • Scanner (java.util)
    A parser that parses a text string of primitive types and strings with the help of regular expressio
  • JTable (javax.swing)
  • Table (org.hibernate.mapping)
    A relational table
  • Top 12 Jupyter Notebook extensions
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now