Refine search
public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/resources/**"); }
throws Exception { webSecurity = objectPostProcessor .postProcess(new WebSecurity(objectPostProcessor)); if (debugEnabled != null) { webSecurity.debug(debugEnabled); webSecurity.apply(webSecurityConfigurer);
@Override public void init(final WebSecurity web) throws Exception { super.init(web); final HttpSecurity http = this.getHttp(); web.postBuildAction(() -> { FilterSecurityInterceptor securityInterceptor = http.getSharedObject(FilterSecurityInterceptor.class); UseExpressionsConfig.this.filterInvocationSecurityMetadataSourceType = securityInterceptor.getSecurityMetadataSource().getClass(); }); } }
public void init(final WebSecurity web) throws Exception { final HttpSecurity http = getHttp(); web.addSecurityFilterChainBuilder(http).postBuildAction(new Runnable() { public void run() { FilterSecurityInterceptor securityInterceptor = http .getSharedObject(FilterSecurityInterceptor.class); web.securityInterceptor(securityInterceptor); } }); }
@Configuration @EnableWebSecurity public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter { @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/resources/**"); } @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/").permitAll() .antMatchers("/dashboard/home/**").hasAnyRole("USER", "ADMIN") .antMatchers("/dashboard/users/**").hasRole("ADMIN") .antMatchers("/rest/users/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin() .loginPage("/") .permitAll(); } // Possibly more overridden methods ... }
@Configuration @EnableWebMvcSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired public EnrollCashRepository enrollCashRepository; @Override public void configure(WebSecurity webSecurity) throws Exception { webSecurity.ignoring().antMatchers(HttpMethod.GET, "/health"); } @Override protected void configure(HttpSecurity http) throws Exception { http.addFilterBefore(tokenAuthorizationFilter(), BasicAuthenticationFilter.class); http.authorizeRequests().antMatchers("/api/**").authenticated(); } private TokenAuthorizationFilter tokenAuthorizationFilter() { return new TokenAuthorizationFilter(enrollCashRepository); } }
public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/", "/signin/**", "/error/**", "/templates/**", "/resources/**", "/webjars/**"); http .csrf().disable() .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .failureHandler(loginFailureHandler); http.logout().logoutSuccessHandler(logoutSuccessHandler); http.exceptionHandling().authenticationEntryPoint(loginEntryPoint); http.exceptionHandling().accessDeniedPage("/accessDenied");
@Override public void configure(WebSecurity web) throws Exception { web.ignoring() .antMatchers("/favicon.ico", "/robots.txt"); } @Override protected void configure(HttpSecurity http) throws Exception { http .csrf().disable() .authorizeRequests() .expressionHandler(new MyCompanyWebSecurityExpressionHandler()) .anyRequest().access("isCompanyInternal()"); } }
web.ignoring() .antMatchers("/scripts/**/*.{js,html}"); protected void configure(HttpSecurity http) throws Exception { http .exceptionHandling() .authenticationEntryPoint(authenticationEntryPoint) .and()
web.ignoring().antMatchers("/webjars/**", "/images/**", "/oauth/uncache_approvals", "/oauth/cache_approvals"); protected void configure(HttpSecurity http) throws Exception { http .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and()
public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/public/**"); protected void configure(HttpSecurity http) throws Exception { http .requestMatchers() .antMatcher("/iapi/captcha**") .antMatcher("/external/captcha**")
@Override public void configure(WebSecurity web) throws Exception { web.httpFirewall(allowUrlEncodedSlashHttpFirewall()); web.ignoring().antMatchers(AUTH_WHITELIST); web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); }
@Override public void configure(WebSecurity web) throws Exception { web.httpFirewall(httpFirewall); }
public void setImportMetadata(AnnotationMetadata importMetadata) { Map<String, Object> enableWebSecurityAttrMap = importMetadata .getAnnotationAttributes(EnableWebSecurity.class.getName()); AnnotationAttributes enableWebSecurityAttrs = AnnotationAttributes .fromMap(enableWebSecurityAttrMap); debugEnabled = enableWebSecurityAttrs.getBoolean("debug"); if (webSecurity != null) { webSecurity.debug(debugEnabled); } }
@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/resources/**") .antMatchers("/publics/**"); } @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .antMatchers("/publics/**").hasRole("USER") // no effect .anyRequest().authenticated(); }
@Configuration@EnableWebMvc public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/api/**"); } @Override protected void configure(HttpSecurity http) throws Exception { http.addFilterBefore(authenticationFilter(), BasicAuthenticationFilter.class) .authorizeRequests().anyRequest().denyAll(); http.authorizeRequests().antMatchers("/api/user").permitAll(); } AuthenticationFilter authenticationFilter() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); return filter; } }
//Enforce basic auth @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() .httpBasic() .and().authorizeRequests().anyRequest().authenticated(); } //Ignore basic auth for WSDL URL @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/**/*.wsdl"); } @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { //TODO - do parametru auth.inMemoryAuthentication().withUser("user").password("password").roles("USER"); }
web.ignoring().antMatchers("/assets/**"); protected void configure(HttpSecurity http) throws Exception { http.exceptionHandling() .authenticationEntryPoint(negotiateSecurityFilterEntryPoint()).and() .addFilterBefore(customPreAuthSecurityFilter(), BasicAuthenticationFilter.class)