/**
 * Requires authentication for every request, enables form login, and replaces the
 * security-context storage with a {@link NullSecurityContextRepository}.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Default-deny: no request is served without an authenticated principal.
    http.authorizeRequests().anyRequest().authenticated();

    // NOTE(review): NullSecurityContextRepository does not persist the SecurityContext
    // between requests, so the result of a successful form login is not carried over to
    // the request that follows the login redirect. Confirm this is intended (for example
    // a test configuration) before reusing it for an interactive login flow.
    http.securityContext().securityContextRepository(new NullSecurityContextRepository());

    http.formLogin();
}
/**
 * Wires client authentication into {@code http}: registers the default entry point,
 * installs a {@link ClientDetailsUserDetailsService} (with the password encoder when one
 * is set), turns off context persistence and CSRF, enables HTTP Basic for {@code realm},
 * and requires a secure channel when {@code sslOnly} is set.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
public void init(HttpSecurity http) throws Exception {
    registerDefaultAuthenticationEntryPoint(http);

    // Decide on the encoder first, then build the lookup service once for both paths.
    final boolean encoderConfigured = passwordEncoder != null;
    final ClientDetailsUserDetailsService clientUsers =
            new ClientDetailsUserDetailsService(clientDetailsService());
    if (encoderConfigured) {
        clientUsers.setPasswordEncoder(passwordEncoder());
        http.getSharedObject(AuthenticationManagerBuilder.class)
                .userDetailsService(clientUsers)
                .passwordEncoder(passwordEncoder());
    } else {
        // NOTE(review): no encoder is supplied on this path; how client secrets are then
        // compared depends on defaults not visible here. Verify secrets are stored hashed.
        http.userDetailsService(clientUsers);
    }

    // The security context is never saved between requests.
    http.securityContext().securityContextRepository(new NullSecurityContextRepository());
    // NOTE(review): CSRF protection is off; presumably acceptable because clients
    // authenticate per request with HTTP Basic rather than a browser session - confirm.
    http.csrf().disable();
    http.httpBasic().realmName(realm);

    // HTTP Basic sends the client secret only base64-encoded on every request. When
    // sslOnly is false nothing in this method forces HTTPS, so TLS has to be enforced
    // elsewhere in the deployment.
    if (sslOnly) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
}
/**
 * Requires authentication for every request and enables OAuth 2.0 / OpenID Connect login
 * with a custom security-context repository, token-response client and user services.
 * All of those collaborators come from helper methods defined outside this block.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Default-deny: no request is served without an authenticated principal.
    http.authorizeRequests().anyRequest().authenticated();

    // Where the authenticated context is kept between requests is decided by the
    // repository returned here. NOTE(review): its storage and integrity protection
    // are not visible in this block - review securityContextRepository() alongside it.
    http.securityContext().securityContextRepository(securityContextRepository());

    http.oauth2Login()
            // Exchange of the authorization code for tokens.
            .tokenEndpoint()
                .accessTokenResponseClient(createOauth2AccessTokenResponseClient())
                .and()
            // Mapping of the provider's user data onto the local principal, for plain
            // OAuth 2.0 providers and for OIDC providers respectively.
            .userInfoEndpoint()
                .userService(createOauth2UserService())
                .oidcUserService(createOidcUserService());
}
.headers().and() .sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and()
/**
 * Configures the filter chain: {@code /detail} needs the ADMIN role, everything else is
 * open, no security context is stored, logout and CSRF handling are disabled, and the
 * CORS and token-verification filters are inserted.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Role rule: Spring Security prepends ROLE_ to the name given to hasRole, so the
    // stored authority has to be ROLE_ADMIN.
    // NOTE(review): this is default-allow - every request that does not match "/detail"
    // is public, so a new endpoint is unprotected until a rule is added here. antMatchers
    // compares the path against the pattern as written; if the same handler is reachable
    // under other path forms the rule must cover them too (mvcMatchers exists for that).
    http.authorizeRequests()
            .antMatchers("/detail").access("hasRole('ADMIN')")
            .anyRequest().permitAll();

    // Exception handling; an entry point can be plugged in here to shape the error output.
    http.exceptionHandling();

    // No session is used to hold the login state, so the context is not stored.
    http.securityContext().securityContextRepository(new NullSecurityContextRepository());

    // Enable anonymous access.
    http.anonymous();

    // Logout is handled by the application itself.
    http.logout().disable();

    // Cookies are not used, so CSRF protection is switched off.
    // NOTE(review): that reasoning holds only while the token never travels in a
    // cookie - confirm against VerifyTokenFilter.
    http.csrf().disable();

    // Allow cross-origin requests.
    http.addFilterBefore(new CorsFilter(), ChannelProcessingFilter.class);

    // Verify the token.
    http.addFilterBefore(new VerifyTokenFilter(jwtTokenUtil), UsernamePasswordAuthenticationFilter.class);
}
}
.headers().and() .sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and()
/**
 * Configures a stateless chain: every URL is permitted at this layer, a custom
 * security-context repository and anonymous principal are set, HTTP Basic and the JWT
 * and must-change-password filters are installed, and the default response headers and
 * CSRF protection are disabled.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // NOTE(review): the URL layer allows everything, so access control has to be
    // enforced somewhere else (not visible in this block) - confirm it is.
    http.authorizeRequests().antMatchers("/**").permitAll();

    // No HTTP session is created by Spring Security for this chain.
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    http.securityContext().securityContextRepository(securityContextRepository());

    // Unauthenticated callers are represented by the configured anonymous principal.
    http.anonymous().principal(anonymousUser);

    http.httpBasic()
            .authenticationEntryPoint(basicAuthenticationEntryPoint())
            .authenticationDetailsSource(authenticationDetailsSource());
    http.exceptionHandling().accessDeniedHandler(accessDeniedHandler());

    // JWT authentication is attempted before HTTP Basic; the must-change-password check
    // runs before the final authorization interceptor.
    http.addFilterBefore(jwtAuthenticationFilter(), BasicAuthenticationFilter.class);
    http.addFilterBefore(mustChangePasswordFilter(), FilterSecurityInterceptor.class);

    // NOTE(review): this removes Spring Security's default response headers. If browsers
    // consume these responses, equivalent headers need to be set elsewhere - confirm.
    http.headers().disable();
    // NOTE(review): CSRF protection is off; presumably safe because the chain is
    // stateless and credentials are sent explicitly per request - confirm.
    http.csrf().disable();
}
/**
 * Prepares {@code http} for client authentication. A {@link ClientDetailsUserDetailsService}
 * backed by {@code clientDetailsService()} is installed, using the password encoder when
 * one is set; context persistence and CSRF are switched off, HTTP Basic is enabled for
 * {@code realm}, and a secure channel is required when {@code sslOnly} is true.
 *
 * @param http the builder being configured
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
public void init(HttpSecurity http) throws Exception {
    registerDefaultAuthenticationEntryPoint(http);

    if (passwordEncoder == null) {
        // NOTE(review): no encoder on this path; secret comparison then relies on
        // defaults not visible here. Verify client secrets are not kept in plain text.
        http.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService()));
    } else {
        final ClientDetailsUserDetailsService clientLookup =
                new ClientDetailsUserDetailsService(clientDetailsService());
        clientLookup.setPasswordEncoder(passwordEncoder());
        // The same encoder is handed to both the lookup service and the manager builder.
        http.getSharedObject(AuthenticationManagerBuilder.class)
                .userDetailsService(clientLookup)
                .passwordEncoder(passwordEncoder());
    }

    // Nothing is saved between requests: each call must present its credentials again.
    http.securityContext().securityContextRepository(new NullSecurityContextRepository());
    // NOTE(review): CSRF is disabled; presumably fine for per-request Basic
    // authentication without a browser session - confirm.
    http.csrf().disable();
    http.httpBasic().realmName(realm);

    // Basic credentials are only base64-encoded. With sslOnly false this method does not
    // force HTTPS, so transport protection must come from the surrounding deployment.
    if (sslOnly) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
}
.securityContext().and() .requestCache().and() .anonymous().and() .servletApi().and() .apply(new DefaultLoginPageConfigurer<HttpSecurity>()).and()
.headers().and() .sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and()