@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
.csrf().and() .addFilter(new WebAsyncManagerIntegrationFilter()) .exceptionHandling().and()
@Override protected void configure(HttpSecurity http) throws Exception { http.antMatcher("/**") .authorizeRequests() .anyRequest() .authenticated() .and() .csrf() .and() .cors(); }
.csrf().and() .addFilter(new WebAsyncManagerIntegrationFilter()) .exceptionHandling().and()
@Override public void configure(HttpSecurity http) throws Exception { http.formLogin().and().authorizeRequests().antMatchers(HttpMethod.POST, "/api/applications") .permitAll()// .antMatchers("/mgmt/health").permitAll()// .anyRequest().authenticated()// .and().csrf().ignoringAntMatchers("/api/**", "/mgmt/**") .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { http .apply(stormpath()).and() .authorizeRequests() .antMatchers("/").permitAll() .antMatchers("/v1/instructions").permitAll() .antMatchers("/v1/r").permitAll().and() .csrf().ignoringAntMatchers("/v1/c").and() .csrf().ignoringAntMatchers("/v1/r"); } }
@Override protected void configure(HttpSecurity http) throws Exception { http.formLogin().and().logout().and().authorizeRequests() .antMatchers("/**/*.html", "/").permitAll().anyRequest() .authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/index.html", "/home.html", "/", "/bower_components/**", "/elements/*") .permitAll().anyRequest().authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers(HttpMethod.POST, "/api/applications").permitAll()// .antMatchers("/mgmt/health").permitAll()// .anyRequest().authenticated()// .and().csrf().ignoringAntMatchers("/api/**", "/mgmt/**") .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { http.formLogin().and().logout().and().authorizeRequests() .antMatchers("/**/*.html", "/").permitAll().anyRequest() .authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { http.formLogin().and().logout().and().authorizeRequests() .antMatchers("/**/*.html", "/").permitAll().anyRequest() .authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { //@formatter:off http .authorizeRequests() .antMatchers("/").permitAll() .anyRequest().denyAll() .and() .csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) .and() ; //@formatter:on } }
@Override protected void configure(HttpSecurity http) throws Exception { http .addFilterAfter(new JwtCsrfValidatorFilter(), CsrfFilter.class) .csrf() .csrfTokenRepository(jwtCsrfTokenRepository) .ignoringAntMatchers(ignoreCsrfAntMatchers) .and() .authorizeRequests() .antMatchers("/**") .permitAll(); }
@Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/uaa/**", "/login").permitAll().anyRequest().authenticated() .and() .csrf().requireCsrfProtectionMatcher(csrfRequestMatcher()).csrfTokenRepository(csrfTokenRepository()) .and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class) .logout().permitAll() .logoutSuccessUrl("/"); }
@Override public void configure(HttpSecurity http) throws Exception { http.logout() /*.and() .exceptionHandling() .authenticationEntryPoint( new Http401AuthenticationEntryPoint( "Session realm=\"JSESSIONID\""))*/.and() .antMatcher("/**").authorizeRequests() .antMatchers("/index.html", "/home.html", "/", "/login").permitAll().anyRequest() .authenticated().and().csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/login**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class).addFilterBefore(new WechatOAuth2ClientContextFilter(), OAuth2ClientAuthenticationProcessingFilter.class); // @formatter:on }
@Override protected void configure(final HttpSecurity http) throws Exception { http.antMatcher("/**").authorizeRequests() .antMatchers("/", "/login**", "/lib/**", "/js/**", "/img/**", "/css/**", "/fonts/**", "/templates/**") .permitAll().anyRequest().authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf().csrfTokenRepository(csrfTokenRepository()) .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class) .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); }
protected HttpSecurity defaultHttp(HttpSecurity http) throws Exception { // @formatter:off return http.sessionManagement().sessionCreationPolicy(IF_REQUIRED) .and() .csrf().requireCsrfProtectionMatcher(requireCsrfProtectionMatcher()) .csrfTokenRepository(csrfTokenRepository()) .and() .addFilterAfter(weChatMpOAuth2AuthenticationProcessingFilter(wxMpService), CsrfFilter.class) .exceptionHandling() .authenticationEntryPoint(restAuthenticationEntryPoint()) .and(); // @formatter:on }