/**
 * Registers the catch-all {@code anyRequest().authenticated()} rule first and only
 * then adds an Ant matcher for every path with {@code permitAll()}.
 *
 * NOTE(review): authorization rules are consulted in declaration order, so a matcher
 * declared after {@code anyRequest()} can never be reached. Spring Security versions
 * that enforce "anyRequest last" reject this ordering while the configuration is
 * built. This looks like a deliberate negative fixture rather than a usable policy;
 * confirm before copying it.
 */
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            // Catch-all: every request must be authenticated.
            .anyRequest().authenticated()
            // Declared after the catch-all, so this permitAll() rule is out of order.
            .requestMatchers(new AntPathRequestMatcher("/**")).permitAll();
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Grants access to {@code /user/{user}} only when the captured path variable equals
 * the literal {@code 'user'}; every other request is denied.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http
        .authorizeRequests()
            // Arguments: pattern, HTTP method (null = any method), caseSensitive = false.
            // The path match is case-insensitive, but the SpEL comparison on the captured
            // value is an exact string comparison.
            .requestMatchers(new AntPathRequestMatcher("/user/{user}", null, false)).access("#user == 'user'")
            // Fail closed: anything not matched above is rejected.
            .anyRequest().denyAll();
    // @formatter:on
}
/**
 * Grants access to {@code /user/{userName}} only when the captured path variable
 * equals the literal {@code 'user'}; every other request is denied.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http
        .authorizeRequests()
            // Arguments: pattern, HTTP method (null = any method), caseSensitive = false.
            // The variable name in the pattern ({userName}) is the name the expression
            // refers to (#userName); the comparison itself is an exact string comparison.
            .requestMatchers(new AntPathRequestMatcher("/user/{userName}", null, false)).access("#userName == 'user'")
            // Fail closed: anything not matched above is rejected.
            .anyRequest().denyAll();
    // @formatter:on
}
/**
 * Marks the given actuator endpoint as reachable by anonymous callers.
 *
 * NOTE(review): {@code anonymous()} is not the same rule as {@code permitAll()};
 * confirm that callers who are already authenticated are meant to be handled the
 * way this rule handles them.
 *
 * @param requests the URL authorization registry to add the rule to
 * @param endpoint matcher selecting the endpoint(s) the rule applies to
 */
private void configureEndpointAccessAnonymously(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                                final EndpointRequest.EndpointRequestMatcher endpoint) {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    matchedEndpoint.anonymous();
}
/**
 * Opens the given actuator endpoint to every caller, authenticated or not.
 *
 * NOTE(review): no credential is checked for endpoints configured this way, so this
 * should only be selected for endpoints whose output is safe to publish; which
 * endpoints reach this method is decided by the caller and is not visible here.
 *
 * @param requests the URL authorization registry to add the rule to
 * @param endpoint matcher selecting the endpoint(s) the rule applies to
 */
private void configureEndpointAccessPermitAll(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                              final EndpointRequest.EndpointRequestMatcher endpoint) {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    matchedEndpoint.permitAll();
}
/**
 * Blocks the given actuator endpoint for every caller.
 *
 * @param requests the URL authorization registry to add the rule to
 * @param endpoint matcher selecting the endpoint(s) the rule applies to
 */
private void configureEndpointAccessToDenyAll(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                              final EndpointRequest.EndpointRequestMatcher endpoint) {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    matchedEndpoint.denyAll();
}
/**
 * Requires one of the configured authorities for the given actuator endpoint and
 * turns on HTTP Basic authentication for the enclosing {@link HttpSecurity}.
 *
 * NOTE(review): the authority list comes straight from {@code properties}; what the
 * resulting rule does when that list is empty is not visible here. Confirm it fails
 * closed. HTTP Basic sends the credential with every request, so these endpoints
 * are presumably only served over TLS; verify.
 *
 * @param requests   the URL authorization registry to add the rule to
 * @param properties endpoint settings supplying the required authorities
 * @param endpoint   matcher selecting the endpoint(s) the rule applies to
 * @throws Exception if enabling HTTP Basic fails
 */
private void configureEndpointAccessByAuthority(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                                final ActuatorEndpointProperties properties,
                                                final EndpointRequest.EndpointRequestMatcher endpoint) throws Exception {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    final String[] requiredAuthorities =
        properties.getRequiredAuthorities().toArray(ArrayUtils.EMPTY_STRING_ARRAY);
    final HttpSecurity security = matchedEndpoint.hasAnyAuthority(requiredAuthorities).and();
    security.httpBasic();
}
/**
 * Requires one of the configured roles for the given actuator endpoint and turns on
 * HTTP Basic authentication for the enclosing {@link HttpSecurity}.
 *
 * NOTE(review): role names are taken as configured; {@code hasAnyRole} normally
 * applies Spring Security's role prefix, so the configured values are presumably
 * written without it. Verify against the property documentation. What the rule
 * does for an empty role list is not visible here; confirm it fails closed.
 *
 * @param requests   the URL authorization registry to add the rule to
 * @param properties endpoint settings supplying the required roles
 * @param endpoint   matcher selecting the endpoint(s) the rule applies to
 * @throws Exception if enabling HTTP Basic fails
 */
private void configureEndpointAccessByRole(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                           final ActuatorEndpointProperties properties,
                                           final EndpointRequest.EndpointRequestMatcher endpoint) throws Exception {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    final String[] requiredRoles =
        properties.getRequiredRoles().toArray(ArrayUtils.EMPTY_STRING_ARRAY);
    final HttpSecurity security = matchedEndpoint.hasAnyRole(requiredRoles).and();
    security.httpBasic();
}
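/**
 * Configures a stateless, Keycloak-backed filter chain: CORS enabled, CSRF disabled,
 * no HTTP session, the Keycloak pre-auth and authentication filters installed, and
 * {@code urlPath()} restricted to authenticated callers.
 *
 * Rules are consulted in declaration order and the first match decides, so the
 * permit rules placed before {@code urlPath()} must not match requests that are
 * meant to be authenticated.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer fails
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.cors().and()
        // CSRF protection is off. That is only sound while no ambient credential
        // (session cookie) authenticates requests; presumably callers send a
        // bearer token. Confirm.
        .csrf().disable()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .sessionAuthenticationStrategy(sessionAuthenticationStrategy()).and()
        .addFilterBefore(keycloakPreAuthActionsFilter(), LogoutFilter.class)
        .addFilterBefore(keycloakAuthenticationProcessingFilter(), X509AuthenticationFilter.class)
        .exceptionHandling().authenticationEntryPoint(authenticationEntryPoint()).and()
        .authorizeRequests()
        .antMatchers(HttpMethod.OPTIONS).permitAll()
        // Only CORS preflight requests are exempt. The previous matcher,
        // CorsUtils::isCorsRequest, is driven by the client-supplied Origin header
        // and sat ahead of the authenticated() rule, so it exempted ordinary
        // cross-origin requests to urlPath() from authentication as well.
        .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
        .antMatchers(urlPath()).authenticated() // accessible only to logged-in users
        // NOTE(review): everything outside urlPath() is public (fail-open default).
        // Confirm that is intended rather than denyAll()/authenticated().
        .anyRequest().permitAll();
}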
/**
 * Configures the security chain for {@code /user}: anonymous authentication enabled,
 * actuator endpoints and the whitelist permitted, everything else authenticated, and
 * CSRF tokens stored in a cookie.
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): antMatcher("/user") scopes this whole HttpSecurity to that one
    // path, so the endpoint, whitelist and "/actuator/**" rules below look unreachable
    // from this chain. Confirm which chain actually protects those paths.
    http.anonymous().and().antMatcher("/user").authorizeRequests()
        // All actuator endpoints are open without credentials.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        antMatchers("/actuator/**").permitAll().
        anyRequest().authenticated()
        .and()
        .csrf()
        // withHttpOnlyFalse(): the CSRF cookie is readable by page scripts so that a
        // JavaScript client can echo it back; any script running in the page can read
        // it too.
        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
        // CSRF checks are skipped for these paths.
        .ignoringAntMatchers("/instances", "/actuator/**");
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Declares role-based rules for the admin page, actuator endpoints, static resources
 * and the events API, then permits everything else and enables HTTP Basic.
 *
 * Rules are consulted in the order written; the first matching rule decides.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        // NOTE(review): this pattern names "/admin" only. If admin functionality also
        // lives below that path, those URLs fall through to the final permitAll().
        // Confirm.
        .mvcMatchers("/admin").hasRole("ADMIN")
        // info and health are public; this rule must stay ahead of the
        // toAnyEndpoint() rule.
        .requestMatchers(EndpointRequest.to("info", "health")).permitAll()
        // Every other actuator endpoint requires the ACTUATOR role.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
        .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
        .antMatchers("/events/**").hasRole("USER")
        // Fail-open default: any path not listed above is public.
        .antMatchers("/**").permitAll()
        .and().httpBasic();
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Adds a {@code permitAll()} rule for requests matched by a
 * {@link RegexRequestMatcher} built from the given pattern and HTTP method.
 *
 * NOTE(review): every request the pattern matches becomes reachable without
 * authentication, so the pattern is security-critical. It should be a reviewed
 * constant, never derived from request data. RegexRequestMatcher is documented to
 * match against the path together with the query string; confirm the patterns
 * passed in account for that. Because rules are order-sensitive, the effect also
 * depends on when callers invoke this relative to other rules on the same
 * {@code http}.
 *
 * @param http           the security builder to add the rule to
 * @param pathExpression regular expression selecting the requests to permit
 * @param httpMethod     HTTP method to restrict the rule to (presumably {@code null}
 *                       means any method; verify)
 * @throws Exception if the authorization configurer cannot be applied
 */
public void permitRegex(HttpSecurity http, String pathExpression, String httpMethod) throws Exception {
    http
        .authorizeRequests()
            .requestMatchers( new RegexRequestMatcher(pathExpression, httpMethod) )
            .permitAll();
}
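/**
 * Restricts the given actuator endpoint to the configured IP addresses by building
 * a SpEL expression of {@code hasIpAddress('...')} terms joined with {@code or}.
 *
 * Each configured value is embedded in a SpEL string literal, so embedded single
 * quotes are doubled (the SpEL escape for a quote). A malformed value then remains
 * an address that matches nothing instead of changing the shape of the access
 * expression.
 *
 * NOTE(review): {@code hasIpAddress} is evaluated against the remote address the
 * container reports; behind a reverse proxy that is presumably the proxy's address
 * unless forwarded headers are handled upstream. Verify against the deployment.
 * If no addresses are configured the joined expression is empty; confirm that
 * {@code access("")} fails closed.
 *
 * @param requests   the URL authorization registry to add the rule to
 * @param properties endpoint settings supplying the allowed IP addresses
 * @param endpoint   matcher selecting the endpoint(s) the rule applies to
 */
private void configureEndpointAccessByIpAddress(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                                final ActuatorEndpointProperties properties,
                                                final EndpointRequest.EndpointRequestMatcher endpoint) {
    val addresses = properties.getRequiredIpAddresses()
        .stream()
        // Keep the configured value inside one string literal: ' becomes ''.
        .map(address -> "hasIpAddress('" + String.valueOf(address).replace("'", "''") + "')")
        .collect(Collectors.joining(" or "));
    requests
        .requestMatchers(endpoint)
        .access(addresses);
}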
/**
 * Adds a {@code permitAll()} rule for requests matched by an
 * {@link AntPathRequestMatcher} built from the given Ant pattern and HTTP method.
 *
 * NOTE(review): every request the pattern matches becomes reachable without
 * authentication. Wildcard patterns should be as narrow as the use case allows and
 * should be reviewed constants, never derived from request data. Because rules are
 * order-sensitive, the effect also depends on when callers invoke this relative to
 * other rules on the same {@code http}.
 *
 * @param http       the security builder to add the rule to
 * @param antPath    Ant-style path pattern selecting the requests to permit
 * @param httpMethod HTTP method to restrict the rule to (presumably {@code null}
 *                   means any method; verify)
 * @throws Exception if the authorization configurer cannot be applied
 */
public void permitAntPath(HttpSecurity http, String antPath, String httpMethod) throws Exception {
    http
        .authorizeRequests()
            .requestMatchers( new AntPathRequestMatcher(antPath, httpMethod) )
            .permitAll();
}
/**
 * Requires an authenticated caller for the given actuator endpoint and turns on
 * HTTP Basic authentication for the enclosing {@link HttpSecurity}.
 *
 * NOTE(review): any authenticated principal passes, and no role or authority is
 * checked here. HTTP Basic sends the credential with every request, so these
 * endpoints are presumably only served over TLS; verify.
 *
 * @param requests the URL authorization registry to add the rule to
 * @param endpoint matcher selecting the endpoint(s) the rule applies to
 * @throws Exception if enabling HTTP Basic fails
 */
private void configureEndpointAccessAuthenticated(final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry requests,
                                                  final EndpointRequest.EndpointRequestMatcher endpoint) throws Exception {
    final ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl matchedEndpoint =
        requests.requestMatchers(endpoint);
    final HttpSecurity security = matchedEndpoint.authenticated().and();
    security.httpBasic();
}
/**
 * Leaves the health and info actuator endpoints public, requires authentication for
 * every other request, and enables both form login and HTTP Basic.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        // Only these two endpoints are exempt; all other actuator endpoints fall under
        // the anyRequest() rule below. NOTE(review): how much detail the health
        // endpoint discloses to unauthenticated callers is set elsewhere; confirm.
        .requestMatchers( EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class))
        // Fail-closed default: anything not exempted above needs an authenticated caller.
        .permitAll().anyRequest().authenticated().and().formLogin().and()
        .httpBasic();
}
/**
 * Configures the security chain for {@code /user}: anonymous authentication enabled,
 * actuator endpoints and the whitelist permitted, everything else authenticated, and
 * CSRF tokens stored in a cookie.
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): antMatcher("/user") scopes this whole HttpSecurity to that one
    // path, so the endpoint and whitelist rules below look unreachable from this
    // chain. Confirm which chain actually protects those paths.
    http.anonymous().and().antMatcher("/user").authorizeRequests()
        // All actuator endpoints are open without credentials.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
        .and()
        .csrf()
        // withHttpOnlyFalse(): the CSRF cookie is readable by page scripts so that a
        // JavaScript client can echo it back; any script running in the page can read
        // it too.
        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Configures the security chain for {@code /user}: anonymous authentication enabled,
 * actuator endpoints and the whitelist permitted, everything else authenticated, and
 * CSRF tokens stored in a cookie.
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): antMatcher("/user") scopes this whole HttpSecurity to that one
    // path, so the endpoint and whitelist rules below look unreachable from this
    // chain. Confirm which chain actually protects those paths.
    http.anonymous().and().antMatcher("/user").authorizeRequests()
        // All actuator endpoints are open without credentials.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
        .and()
        .csrf()
        // withHttpOnlyFalse(): the CSRF cookie is readable by page scripts so that a
        // JavaScript client can echo it back; any script running in the page can read
        // it too.
        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Configures the security chain for {@code /user}: anonymous authentication enabled,
 * actuator endpoints and the whitelist permitted, everything else authenticated, and
 * CSRF tokens stored in a cookie.
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): antMatcher("/user") scopes this whole HttpSecurity to that one
    // path, so the endpoint and whitelist rules below look unreachable from this
    // chain. Confirm which chain actually protects those paths.
    http.anonymous().and().antMatcher("/user").authorizeRequests()
        // All actuator endpoints are open without credentials.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
        .and()
        .csrf()
        // withHttpOnlyFalse(): the CSRF cookie is readable by page scripts so that a
        // JavaScript client can echo it back; any script running in the page can read
        // it too.
        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Configures the security chain for {@code /user}: anonymous authentication enabled,
 * actuator endpoints and the whitelist permitted, everything else authenticated, and
 * CSRF tokens stored in a cookie.
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // NOTE(review): antMatcher("/user") scopes this whole HttpSecurity to that one
    // path, so the endpoint and whitelist rules below look unreachable from this
    // chain. Confirm which chain actually protects those paths.
    http.anonymous().and().antMatcher("/user").authorizeRequests()
        // All actuator endpoints are open without credentials.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
        .and()
        .csrf()
        // withHttpOnlyFalse(): the CSRF cookie is readable by page scripts so that a
        // JavaScript client can echo it back; any script running in the page can read
        // it too.
        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
} // closes the enclosing class, whose header is outside this excerpt