/** * Create a {@link List} of {@link AntPathRequestMatcher} instances that do not * specify an {@link HttpMethod}. * * @param antPatterns the ant patterns to create {@link AntPathRequestMatcher} * from * * @return a {@link List} of {@link AntPathRequestMatcher} instances */ public static List<RequestMatcher> antMatchers(String... antPatterns) { return antMatchers(null, antPatterns); }
/** * Create a {@link List} of {@link RegexRequestMatcher} instances that do not * specify an {@link HttpMethod}. * * @param regexPatterns the regular expressions to create * {@link RegexRequestMatcher} from * * @return a {@link List} of {@link RegexRequestMatcher} instances */ public static List<RequestMatcher> regexMatchers(String... regexPatterns) { return regexMatchers(null, regexPatterns); }
/** * Maps a {@link List} of * {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} * instances. * * @param method the {@link HttpMethod} to use for any * {@link HttpMethod}. * * @return the object that is chained after creating the {@link RequestMatcher} */ public C antMatchers(HttpMethod method) { return antMatchers(method, new String[] { "/**" }); }
private void registerDefaultEntryPoint(H http) { ExceptionHandlingConfigurer<H> exceptionHandling = http .getConfigurer(ExceptionHandlingConfigurer.class); if (exceptionHandling == null) { return; } exceptionHandling.defaultAuthenticationEntryPointFor( this.authenticationEntryPoint, this.requestMatcher); }
private GrantedAuthoritiesMapper getGrantedAuthoritiesMapper() { GrantedAuthoritiesMapper grantedAuthoritiesMapper = this.getBuilder().getSharedObject(GrantedAuthoritiesMapper.class); if (grantedAuthoritiesMapper == null) { grantedAuthoritiesMapper = this.getGrantedAuthoritiesMapperBean(); if (grantedAuthoritiesMapper != null) { this.getBuilder().setSharedObject(GrantedAuthoritiesMapper.class, grantedAuthoritiesMapper); } } return grantedAuthoritiesMapper; }
@Override public void configure(H http) throws Exception { X509AuthenticationFilter filter = getFilter(http .getSharedObject(AuthenticationManager.class)); http.addFilter(filter); }
static <B extends HttpSecurityBuilder<B>> ClientRegistrationRepository getClientRegistrationRepository(B builder) { ClientRegistrationRepository clientRegistrationRepository = builder.getSharedObject(ClientRegistrationRepository.class); if (clientRegistrationRepository == null) { clientRegistrationRepository = getClientRegistrationRepositoryBean(builder); builder.setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository); } return clientRegistrationRepository; }
private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> getAuthenticationUserDetailsService( H http) { if (authenticationUserDetailsService == null) { userDetailsService(http.getSharedObject(UserDetailsService.class)); } return authenticationUserDetailsService; }
/** * Allows explicit configuration of the {@link RequestCache} to be used. Defaults to * try finding a {@link RequestCache} as a shared object. Then falls back to a * {@link HttpSessionRequestCache}. * * @param requestCache the explicit {@link RequestCache} to use * @return the {@link RequestCacheConfigurer} for further customization */ public RequestCacheConfigurer<H> requestCache(RequestCache requestCache) { getBuilder().setSharedObject(RequestCache.class, requestCache); return this; }
@Override public void configure(H http) throws Exception { LogoutFilter logoutFilter = createLogoutFilter(http); http.addFilter(logoutFilter); }
@Override public void configure(H http) throws Exception { HeaderWriterFilter headersFilter = createHeaderWriterFilter(); http.addFilter(headersFilter); }
/** * Create a {@link List} of * {@link org.springframework.security.web.util.matcher.RegexRequestMatcher} instances * that do not specify an {@link HttpMethod}. * * @param regexPatterns the regular expressions to create * {@link org.springframework.security.web.util.matcher.RegexRequestMatcher} from * * @return the object that is chained after creating the {@link RequestMatcher} */ public C regexMatchers(String... regexPatterns) { Assert.state(!this.anyRequestConfigured, "Can't configure regexMatchers after anyRequest"); return chainRequestMatchers(RequestMatchers.regexMatchers(regexPatterns)); }
/** * Maps a {@link List} of * {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} * instances that do not care which {@link HttpMethod} is used. * * @param antPatterns the ant patterns to create * {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} from * * @return the object that is chained after creating the {@link RequestMatcher} */ public C antMatchers(String... antPatterns) { Assert.state(!this.anyRequestConfigured, "Can't configure antMatchers after anyRequest"); return chainRequestMatchers(RequestMatchers.antMatchers(antPatterns)); }
@Override public void configure(H http) throws Exception { authenticationFilter.afterPropertiesSet(); http.addFilter(authenticationFilter); }
@Test(expected = IllegalStateException.class) public void getConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); builder.apply(new DelegateSecurityConfigurer()); builder.apply(new DelegateSecurityConfigurer()); builder.getConfigurer(DelegateSecurityConfigurer.class); }
@Test(expected = IllegalStateException.class) public void removeConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); builder.apply(new DelegateSecurityConfigurer()); builder.apply(new DelegateSecurityConfigurer()); builder.removeConfigurer(DelegateSecurityConfigurer.class); }
@Override public void init(TestConfiguredSecurityBuilder builder) throws Exception { builder.apply(CONFIGURER); } }
@Bean public MyFilter myFilter(UserDetailsService userDetailsService) { return new MyFilter(userDetailsService); } }
/** * Maps a {@link List} of * {@link org.springframework.security.web.util.matcher.RegexRequestMatcher} * instances. * * @param method the {@link HttpMethod} to use or {@code null} for any * {@link HttpMethod}. * @param regexPatterns the regular expressions to create * {@link org.springframework.security.web.util.matcher.RegexRequestMatcher} from * * @return the object that is chained after creating the {@link RequestMatcher} */ public C regexMatchers(HttpMethod method, String... regexPatterns) { Assert.state(!this.anyRequestConfigured, "Can't configure regexMatchers after anyRequest"); return chainRequestMatchers(RequestMatchers.regexMatchers(method, regexPatterns)); }
/** * Maps a {@link List} of * {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} * instances. * * @param method the {@link HttpMethod} to use or {@code null} for any * {@link HttpMethod}. * @param antPatterns the ant patterns to create. If {@code null} or empty, then matches on nothing. * {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} from * * @return the object that is chained after creating the {@link RequestMatcher} */ public C antMatchers(HttpMethod method, String... antPatterns) { Assert.state(!this.anyRequestConfigured, "Can't configure antMatchers after anyRequest"); return chainRequestMatchers(RequestMatchers.antMatchers(method, antPatterns)); }