@Override public void configure(WebSecurity web) { String ignoreURLs = env.getProperty("nacos.security.ignore.urls", "/**"); for (String ignoreURL : ignoreURLs.trim().split(SECURITY_IGNORE_URLS_SPILT_CHAR)) { web.ignoring().antMatchers(ignoreURL.trim()); } }
@Override public void configure(WebSecurity web) throws Exception { String ignoreUrl = StringUtils.deleteWhitespace(env.getProperty("security.ignore.url")); if(StringUtils.isNotBlank(ignoreUrl)){ String[] ignoreUrls = ignoreUrl.split(","); for(int i = 0; i < ignoreUrls.length; i++){ web.ignoring().antMatchers(ignoreUrls[i]); } } web.httpFirewall(httpFirewall()); }
@Override public void configure(WebSecurity web) throws Exception { web.ignoring() .antMatchers("/**/*.css", "/**/*.js", "/**/*.html"); }
@Override public void configure(WebSecurity web) throws Exception { web.ignoring() .antMatchers("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.html"); }
@Override public void configure(WebSecurity web) throws Exception { //@formatter:off web .ignoring() .antMatchers(UNSECURED_RESOURCE_LIST); //@formatter:on }
@Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); } }
@Override public void configure(WebSecurity web) throws Exception { web.httpFirewall(allowUrlEncodedSlashHttpFirewall()); web.ignoring().antMatchers(AUTH_WHITELIST); web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); }
@Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); web.ignoring().antMatchers("/auth/api.html", "/actuator/**", "/imgs/**", "/css/**", "/hystrix/monitor/**", "/hystrix/**", "/public/**", "/swagger-ui.html", "/api.html", "/js/swagger-oauth.js", "/images/pacman_logo.svg", "/js/swagger.js", "/js/swagger-ui.js", "/images/favicon-32x32.png", "/images/favicon-16x16.png", "/images/favicon.ico", "/swagger-resources/**", "/v2/api-docs/**", "/webjars/**", "/v1/auth/**", "/client-auth/**", "/user/login/**", "/auth/refresh/**", "/user/authorize/**", "/user/refresh/**"); }
@Override public void configure(WebSecurity web) throws Exception { //All of these URIs are public URLs, and should not be processed in the context of a user. //As a result we explicitly bypass the whole spring security filter. //This also has the added benefit of avoiding Spring Security's conservative cache control headers, //allowing us to control them ourselves web.ignoring().antMatchers(HttpMethod.GET, "/connect/**", "/health/**", "/css/**", "/js/**", "/images/**", "/**/favicon.ico") .antMatchers(HttpMethod.POST, "/connect/**"); } }
/** * {@inheritDoc} */ @Override public void configure(final WebSecurity web) throws Exception { web.ignoring().antMatchers("/webjars/**", "/images/**", "/css/**", "/templates/**", "/js/**", "/vendor/**"); }
@Override public void configure(WebSecurity web) throws Exception { web.httpFirewall(allowUrlEncodedSlashHttpFirewall()); web.ignoring().antMatchers(AUTH_WHITELIST); web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); }
@Override public void configure(WebSecurity web) throws Exception { //忽略权限校验的访问路径 web .ignoring() .antMatchers( "/hello", "/favicon.ico", "/swagger**/**", "/*/api-docs", "/webjars/**", "/*/sms/captcha", "/*/user/password", "/*/currency/**" ) .antMatchers(HttpMethod.POST, "/*/user") ; }
/** * 在此配置不过滤的请求 */ @Override public void configure(WebSecurity web) throws Exception { //每一个请求对应一个空的filter链,这里一般不要配置过多, // 因为查找处是一个for循环,过多就导致每个请求都需要循环一遍直到找到 web.ignoring().antMatchers("/","/login","/favicon.ico"); }
@Override public void configure(WebSecurity web) throws Exception { // AuthenticationTokenFilter will ignore the below paths web .ignoring() .antMatchers( HttpMethod.POST, authenticationPath ) // allow anonymous resource requests .and() .ignoring() .antMatchers( HttpMethod.GET, "/", "/*.html", "/favicon.ico", "/**/*.html", "/**/*.css", "/**/*.js" ) // Un-secure H2 Database (for testing purposes, H2 console shouldn't be unprotected in production) .and() .ignoring() .antMatchers("/h2-console/**/**"); } }
@Override public void configure(WebSecurity webSecurity) throws Exception { // ignore the access endpoints for obtaining the access config, the access token // granting, and access status for a given user (note: we are not ignoring the // the /access/download-token and /access/ui-extension-token endpoints webSecurity .ignoring() .antMatchers("/access", "/access/config", "/access/token", "/access/kerberos", "/access/oidc/**", "/access/knox/**"); }
@Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/resources/static/**"); }
@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/resources/**"); }
@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/ignore1", "/ignore2"); }
@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/resources/**", "/public/**"); }
@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/resources/**"); }