/**
 * Installs a {@link ForwardAuthenticationFailureHandler} built from {@code forwardUrl}
 * as this configurer's authentication failure handler.
 *
 * <p>The value is handed to the handler unchanged and nothing is validated here, so
 * callers should pass a fixed, application-defined path rather than anything derived
 * from a request.
 *
 * @param forwardUrl the target URL in case of failure
 * @return the {@link FormLoginConfigurer} for additional customization
 */
public FormLoginConfigurer<H> failureForwardUrl(String forwardUrl) {
    ForwardAuthenticationFailureHandler forwardingHandler =
            new ForwardAuthenticationFailureHandler(forwardUrl);
    failureHandler(forwardingHandler);
    return this;
}
.loginPage("/sso/login") .successHandler(new GoAuthenticationSuccessHandler()) .failureHandler(new GoAuthenticationFailureHandler()) .and() .logout()
/**
 * Registers a forwarding failure handler: a {@link ForwardAuthenticationFailureHandler}
 * is created for {@code forwardUrl} and set through {@code failureHandler(...)}.
 *
 * <p>No check is made on {@code forwardUrl} in this method; it should be a constant
 * path owned by the application, never a value taken from the incoming request.
 *
 * @param forwardUrl the target URL in case of failure
 * @return the {@link FormLoginConfigurer} for additional customization
 */
public FormLoginConfigurer<H> failureForwardUrl(String forwardUrl) {
    ForwardAuthenticationFailureHandler onFailure =
            new ForwardAuthenticationFailureHandler(forwardUrl);
    failureHandler(onFailure);
    return this;
}
.failureHandler(failHandler) .and()
/**
 * Configures a failed login to be handled by a
 * {@link ForwardAuthenticationFailureHandler} constructed with {@code forwardUrl}.
 *
 * <p>The argument is passed straight to the handler's constructor without validation;
 * supply a fixed application path, not request-derived input.
 *
 * @param forwardUrl the target URL in case of failure
 * @return the {@link FormLoginConfigurer} for additional customization
 */
public FormLoginConfigurer<H> failureForwardUrl(String forwardUrl) {
    ForwardAuthenticationFailureHandler handler =
            new ForwardAuthenticationFailureHandler(forwardUrl);
    failureHandler(handler);
    return this;
}
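/**
 * Builds the HTTP security rules: registers the JWT token filter ahead of
 * {@link BasicAuthenticationFilter}, opens the listed product, group, cart and
 * Swagger paths, requires authentication for everything else, wires the form-login
 * success and failure handlers, and disables CSRF protection.
 *
 * @param http the security builder to configure
 * @throws Exception if the configuration cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        // .exceptionHandling().authenticationEntryPoint( restAuthenticationEntryPoint ).and()
        // .sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS ).and()
        .addFilterBefore(jwtAuthenticationTokenFilter(), BasicAuthenticationFilter.class)
        .authorizeRequests()
            .antMatchers("/product/image/**").permitAll()
            .antMatchers(HttpMethod.GET, "/product/**").permitAll()
            .antMatchers(HttpMethod.GET, "/group/**").permitAll()
            // NOTE(review): no HTTP method is given, so every method on /cart/** is
            // open to unauthenticated callers - confirm this is intended.
            .antMatchers("/cart/**").permitAll()
            .antMatchers("/v2/**").permitAll()
            .antMatchers("/swagger-ui.html").permitAll()
            .antMatchers("/webjars/**").permitAll()
            .antMatchers("/swagger-resources/**").permitAll()
            // Single catch-all rule. The chain used to register anyRequest() twice:
            // authenticated() and then hasAuthority("admin"). Rules are evaluated
            // first-match, so the admin rule was never consulted, and Spring Security
            // releases that validate matcher order reject a second anyRequest() at
            // startup. The rule that was actually effective is the one kept here.
            // NOTE(review): if "admin only" was the intent, replace authenticated()
            // with hasAuthority("admin") - confirm with the owner of this config.
            // .anyRequest().hasRole("admin") << Works with ROLE entities while we have SimpleGrantedAuthority...
            .anyRequest().authenticated()
        // .httpBasic().disable();
        .and()
        .formLogin()
            .successHandler(authenticationSuccessHandler)
            .failureHandler(authenticationFailureHandler)
        // From https://github.com/bfwg/springboot-jwt-starter
        // NOTE(review): CSRF protection is switched off while form login stays enabled
        // and the STATELESS session policy above is commented out. That is only safe
        // if no cookie-borne credential is ever accepted - confirm.
        .and()
        .csrf().disable();
}
}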
/**
 * Applies the username/password form-login settings: the page unauthenticated
 * callers are sent to, the URL that receives the submitted credentials, and the
 * success and failure callbacks.
 *
 * @param http the security builder to configure
 * @throws Exception if the form-login configurer cannot be applied
 */
protected void applyPasswordAuthenticationConfig(HttpSecurity http) throws Exception {
    // Login page callback and the custom login endpoint.
    http.formLogin()
            .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
            .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM);

    // Authentication success / failure callbacks; formLogin() hands back the
    // configurer already registered by the statement above.
    // NOTE(review): the failure handler's implementation is not shown here; check
    // that its response does not distinguish an unknown user from a bad password.
    http.formLogin()
            .successHandler(myAuthenticationSuccessHandler)
            .failureHandler(myAuthenticationFailureHandler);
}
/**
 * Configures password-based form login on the given builder: login page, credential
 * processing URL, and the handlers invoked after a successful or failed attempt.
 *
 * @param http the security builder to configure
 * @throws Exception if the form-login configurer cannot be applied
 */
protected void applyPasswordAuthenticationConfig(HttpSecurity http) throws Exception {
    // URLs first: where unauthenticated callers land and where the form is posted.
    http.formLogin()
            .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
            .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM);

    // Outcome handlers, set on the same form-login configurer.
    http.formLogin()
            .successHandler(imoocAuthenticationSuccessHandler)
            .failureHandler(imoocAuthenticationFailureHandler);
}
/**
 * Sets up form login for username/password authentication: the login page, the URL
 * the form submits to, and the success and failure handlers.
 *
 * @param http the security builder to configure
 * @throws Exception if the form-login configurer cannot be applied
 */
protected void applyPasswordAuthenticationConfig(HttpSecurity http) throws Exception {
    // Entry page for unauthenticated callers and the credential-processing endpoint.
    http.formLogin()
            .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
            .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM);

    // Handlers for the two authentication outcomes, on the same configurer.
    http.formLogin()
            .successHandler(tihomAuthenticationSuccessHandler)
            .failureHandler(tihomAuthenticationFailureHandler);
}
/**
 * Configures form login: the page shown to unauthenticated callers, the sign-in
 * processing URL, and the authentication success and failure handlers.
 *
 * @param http the security builder to configure
 * @throws Exception if the form-login configurer cannot be applied
 */
public void configure(HttpSecurity http) throws Exception {
    // Login page and the URL the sign-in form is submitted to.
    http.formLogin()
            .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
            .loginProcessingUrl(SecurityConstants.DEFAULT_SIGN_IN_PROCESSING_URL_FORM);

    // Outcome handlers, registered on the same form-login configurer.
    http.formLogin()
            .successHandler(authenticationSuccessHandler)
            .failureHandler(authenticationFailureHandler);
}
/**
 * Configures form-login handlers, the authentication entry point, the shared
 * permit-all configuration, the per-path authorization rules, and disables CSRF.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    // Login success handler and login failure handler.
    http.formLogin()
            .successHandler(appLoginInSuccessHandler)
            .failureHandler(appLoginFailureHandler);

    // Response produced when an unauthenticated caller reaches a protected path.
    http.exceptionHandling()
            .authenticationEntryPoint(new AuthExceptionEntryPoint());

    http.apply(permitAllSecurityConfig);

    // Rules are evaluated in declaration order; the catch-all stays last.
    http.authorizeRequests()
            .antMatchers("/user").hasRole("USER")
            .antMatchers("/forbidden").hasRole("ADMIN")
            .antMatchers("/permitAll").permitAll()
            .anyRequest().authenticated();

    // NOTE(review): CSRF protection is off while form login is enabled; confirm that
    // clients authenticate with a header token rather than a session cookie.
    http.csrf().disable();
    // @formatter:on
}
/**
 * Requires authentication under {@code /account/**}, configures the form login at
 * {@code /login} with its success and failure handlers, invalidates the HTTP session
 * on logout, and disables CSRF protection.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // NOTE(review): /account/** is the only authorization rule declared here; no
    // anyRequest() rule is present, so other paths carry no access rule in this
    // method - confirm that is intended.
    http.authorizeRequests()
            .antMatchers("/account/**")
            .authenticated();

    http.formLogin()
            .usernameParameter("username")
            .passwordParameter("password")
            .loginPage("/login")
            .successHandler(successHandler)
            .failureHandler(failureHandler)
            .permitAll();

    http.logout()
            .invalidateHttpSession(true);

    // NOTE(review): this is a session-based form login with CSRF protection switched
    // off, which leaves state-changing requests (including logout) without a CSRF
    // token check - confirm this is acceptable for the deployment.
    http.csrf()
            .disable();
}
}
/**
 * Protects everything under the configured context path, permits all other requests,
 * and sets up form login, remember-me, logout, CSRF (disabled) and the REST
 * authentication entry point.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    final String base = sccaRestProperties.getContextPath();

    // Only paths below the context path need authentication; the rest is open.
    http.authorizeRequests()
            .antMatchers(base + "/**").authenticated()
            .anyRequest().permitAll();

    http.formLogin()
            .loginPage(base + "/login")
            .successHandler(authenticationSuccessHandler())
            .failureHandler(authenticationFailureHandler())
            .permitAll();

    // NOTE(review): alwaysRemember(true) turns remember-me on for every login, not
    // only when the user asks for it; combined with CSRF being disabled below this
    // yields a long-lived cookie credential without CSRF checks - confirm.
    http.rememberMe()
            .alwaysRemember(true);

    http.logout()
            .logoutUrl(base + "/logout")
            .logoutSuccessHandler(logoutSuccessHandler())
            .permitAll();

    http.csrf().disable();

    http.exceptionHandling()
            .authenticationEntryPoint(restAuthenticationEntryPoint);
}
/**
 * Declares the public sign-in/sign-up paths, restricts {@code /management/**} to the
 * admin and super roles, requires authentication elsewhere, disables CSRF, and
 * configures logout, form login and the access-denied handler.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    //http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);

    // Rules are evaluated in declaration order; the catch-all stays last.
    http.authorizeRequests()
            .antMatchers("/signIn", "/signUp", "/security_check", "/404", "/captcha").permitAll()
            .antMatchers("/oauth/signUp").permitAll()
            .antMatchers("/management/**").hasAnyAuthority(RoleEnum.ROLE_ADMIN.name(), RoleEnum.ROLE_SUPER.name())
            .anyRequest().authenticated();

    // NOTE(review): CSRF protection is off for a form login; confirm that is
    // acceptable for how the session credential is carried.
    http.csrf().disable();

    http.logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl("/signIn?out");

    http.formLogin()
            // Key point: custom source for the per-request authentication details.
            .authenticationDetailsSource(authenticationDetailsSource)
            .failureHandler(customAuthenticationFailureHandler)
            .successHandler(customAuthenticationSuccessHandler)
            .loginPage("/signIn")
            .loginProcessingUrl("/security_check")
            .permitAll();

    http.exceptionHandling().accessDeniedHandler(customAccessDeniedHandler);
}
}
/**
 * Configures form-login authentication with handler-based responses instead of
 * redirects.
 *
 * @param http the security builder to configure
 * @throws Exception if the form-login configurer cannot be applied
 */
protected void login(HttpSecurity http) throws Exception {
    // Form login, using the page returned by loginPage().
    http.formLogin()
            .loginPage(loginPage());

    // A successUrl would redirect the user there. Instead, the success handler sends
    // 200 and the userDto along with an Authorization token.
    http.formLogin()
            .successHandler(authenticationSuccessHandler);

    // A failureUrl would redirect the user to that URL when login fails. A 401 is
    // needed instead, so a failure handler without a target URL is set.
    http.formLogin()
            .failureHandler(new SimpleUrlAuthenticationFailureHandler());
}
/**
 * Configures a stateless, token-based setup: CSRF disabled, {@code /api/**} requiring
 * authentication, a custom entry point for failures, the JWT filter ahead of
 * {@link UsernamePasswordAuthenticationFilter}, cache-control headers, and a form
 * login processed at {@code /loginForm}.
 *
 * @param httpSecurity the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    // we don't need CSRF because our token is invulnerable
    // NOTE(review): that reasoning holds only when the token travels in a request
    // header the browser does not attach by itself; a token kept in a cookie would
    // still be exposed to CSRF - confirm how clients send it.
    httpSecurity.csrf().disable();

    // All urls must be authenticated (filter for token always fires (/api/**)
    httpSecurity.authorizeRequests()
            .antMatchers("/api/**").authenticated();

    // Call our errorHandler if authentication/authorisation fails
    httpSecurity.exceptionHandling()
            .authenticationEntryPoint(unauthorizedHandler);

    // don't create session (REST)
    httpSecurity.sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

    // Custom JWT based security filter
    httpSecurity.addFilterBefore(
            authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);

    // disable page caching
    httpSecurity.headers().cacheControl();

    // Form login endpoint and its outcome handlers.
    httpSecurity.formLogin()
            .loginProcessingUrl("/loginForm")
            .successHandler(customAuthenticationSuccessHandler)
            .failureHandler(new CustomAuthenticationFailureHandler());
}
/**
 * Configures form login, then applies the validation-code, SMS-code, social-login
 * and OpenID security configurations, disables CSRF, and delegates the authorization
 * rules to {@code authorizeConfigManager}.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer cannot be applied
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // Login page and the URL the login form is submitted to.
    http.formLogin()
            .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
            .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM);
    http.formLogin()
            .successHandler(tihomAuthenticationSuccessHandler)
            .failureHandler(tihomAuthenticationFailureHandler);

    http.apply(validateCodeSecurityConfig);

    // Configuration related to SMS verification.
    http.apply(smsCodeAuthenticationSecurityConfig);

    // apply() adds filters to the current filter chain; the filter intercepts certain
    // requests and, on receiving one, guides the user through social login.
    http.apply(tihomSocialSecurityConfig);

    http.apply(openIdAuthenticationSecurityConfig);

    // Turns the CSRF protection off.
    // NOTE(review): form login is enabled in this same method; confirm that running
    // without CSRF protection is acceptable for how the credential is carried.
    http.csrf().disable();

    authorizeConfigManager.config(http.authorizeRequests());
}
}
.failureHandler(authenticationFailureHandler) // 登录失败 .permitAll()
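/**
 * Configures URL authorization, form login, logout and the authentication entry
 * point, then adds the custom security interceptor and the SSO filter and disables
 * CSRF protection.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer or filter cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            // Paths that can be accessed without any permission. These matchers used
            // to be declared after anyRequest(), where they could never be reached;
            // Spring Security releases that validate matcher order reject that
            // ordering at startup. Declaring them first leaves the effective rules
            // unchanged.
            .mvcMatchers("/login", "/login/wechat").permitAll()
            // NOTE(review): "/**" appears to match every path, so with permitAll()
            // here the fullyAuthenticated() rule below is never consulted and this
            // chain authorizes nothing by itself. Access control then rests entirely
            // on myFilterSecurityInterceptor, whose implementation is not shown -
            // confirm this is intended, otherwise remove this rule.
            .mvcMatchers("/**").permitAll()
            // Every access must be authorized.
            .anyRequest().fullyAuthenticated()
        .and()
        .formLogin()
            // Handling after a successful login; this is an API, so no page redirect.
            .successHandler(new MyAuthenticationSuccessHandler())
            // Handling after a failed login.
            .failureHandler(new MySimpleUrlAuthenticationFailureHandler())
        .and()
        // Handling after logout.
        .logout().logoutSuccessHandler(new RestLogoutSuccessHandler())
        .and()
        // Handling when authentication does not pass.
        .exceptionHandling()
            .authenticationEntryPoint(new RestAuthenticationEntryPoint());

    http.addFilterAt(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);
    http.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);

    //http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
    // NOTE(review): CSRF protection is disabled while form login and logout are
    // enabled; the cookie-based token repository above was commented out. Confirm
    // that no session cookie is accepted as a credential.
    http.csrf().disable();
}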
/**
 * Limits this filter chain to the authorize/login/logout endpoints, permits
 * {@code /login}, requires authentication for the rest, and configures form login,
 * logout, the login entry point and the two pre-authentication filters.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer or filter cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Only these paths are handled by this chain.
    http.requestMatchers()
            .antMatchers("/authorize", "/login", "/login/callback", "/logout");

    http.authorizeRequests()
            .antMatchers("/login").permitAll()
            .anyRequest().authenticated();

    http.formLogin()
            .loginPage("/login")
            .successHandler(authenticationSuccessHandler())
            .failureHandler(authenticationFailureHandler())
            .permitAll();

    // NOTE(review): the one-argument AntPathRequestMatcher is not tied to an HTTP
    // method, so logout looks reachable with GET as well as POST - confirm that a
    // cross-site GET triggering logout is acceptable.
    http.logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessHandler(new CustomLogoutSuccessHandler())
            .invalidateHttpSession(true)
            .addLogoutHandler(cookieClearingLogoutHandler());

    // Unauthenticated callers are sent to the login page.
    http.exceptionHandling()
            .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"));

    // Both filters are placed ahead of the pre-authentication processing filter,
    // registered in the same order as before.
    http.addFilterBefore(clientOAuth2Filter(), AbstractPreAuthenticatedProcessingFilter.class);
    http.addFilterBefore(checkAuthCookieFilter(), AbstractPreAuthenticatedProcessingFilter.class);
}