- disable
- csrfTokenRepository
Specify the CsrfTokenRepository to use. The default is an
HttpSessionCsrfTokenRepository wrapped by
- and
- requireCsrfProtectionMatcher
Specify the RequestMatcher to use for determining when CSRF should be applied.
The default is to ign
- ignoringAntMatchers
Allows specifying HttpServletRequest that should not use CSRF Protection even
if they match the #re
- <init>
Creates a new instance
- createAccessDeniedHandler
Creates the AccessDeniedHandler from the result of
#getDefaultAccessDeniedHandler(HttpSecurityBuilde
- getDefaultAccessDeniedHandler
Gets the default AccessDeniedHandler from the
ExceptionHandlingConfigurer#getAccessDeniedHandler() o
- getInvalidSessionStrategy
Gets the default InvalidSessionStrategy from the
SessionManagementConfigurer#getInvalidSessionStrate
- getRequireCsrfProtectionMatcher
Gets the final RequestMatcher to use by combining the
#requireCsrfProtectionMatcher(RequestMatcher)
- postProcess