@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest() .authenticated().and().logout().logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**", "/error**").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")).and().logout() .logoutSuccessUrl("/").permitAll().and().csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and() .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setTargetUrlParameter( "redirectTo" ); http.authorizeRequests() .antMatchers( adminContextPath + "/assets/**" ).permitAll() .antMatchers( adminContextPath + "/login" ).permitAll() .anyRequest().authenticated() .and() .formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and() .logout().logoutUrl( adminContextPath + "/logout" ).and() .httpBasic().and() .csrf().disable(); // @formatter:on } }
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/","/login").permitAll()//根路径和/login路径不拦截 .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") //2登陆页面路径为/login .defaultSuccessUrl("/chat") //3登陆成功转向chat页面 .permitAll() .and() .logout() .permitAll(); }
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/resources/**").permitAll() .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") .permitAll() .and() .logout() .permitAll() .and() .csrf().disable(); }
@Override protected void configure(HttpSecurity http) throws Exception { // Page with login form is served as /login.html and does a POST on /login http.formLogin().loginPage("/login.html").loginProcessingUrl("/login").permitAll(); // The UI does a POST on /logout on logout http.logout().logoutUrl("/logout"); // The ui currently doesn't support csrf http.csrf().disable(); // Requests for the login page and the static assets are allowed http.authorizeRequests() .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**") .permitAll(); // ... and any other request needs to be authorized http.authorizeRequests().antMatchers("/**").authenticated(); // Enable so that the clients can authenticate via HTTP basic for registering http.httpBasic(); } }
@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); http.headers().frameOptions().sameOrigin(); http.authorizeRequests() .antMatchers("/openapi/**", "/vendor/**", "/styles/**", "/scripts/**", "/views/**", "/img/**").permitAll() .antMatchers("/**").authenticated(); http.formLogin().loginPage("/signin").permitAll().failureUrl("/signin?#/error").and().httpBasic(); SimpleUrlLogoutSuccessHandler urlLogoutHandler = new SimpleUrlLogoutSuccessHandler(); urlLogoutHandler.setDefaultTargetUrl("/signin?#/logout"); http.logout().logoutUrl("/user/logout").invalidateHttpSession(true).clearAuthentication(true) .logoutSuccessHandler(urlLogoutHandler); http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin")); }
@Override protected void configure(HttpSecurity http) throws Exception { http .csrf().disable() .authorizeRequests() .antMatchers("/login").permitAll() .antMatchers("/logout").permitAll() .antMatchers("/images/**").permitAll() .antMatchers("/js/**").permitAll() .antMatchers("/css/**").permitAll() .antMatchers("/fonts/**").permitAll() .antMatchers("/favicon.ico").permitAll() .antMatchers("/").permitAll() .anyRequest().authenticated() .and() .sessionManagement().maximumSessions(1).sessionRegistry(sessionRegistry) .and() .and() .logout() .invalidateHttpSession(true) .clearAuthentication(true) .and() .httpBasic(); }
@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); http.headers().frameOptions().sameOrigin(); http.authorizeRequests() .antMatchers("/openapi/**", "/vendor/**", "/styles/**", "/scripts/**", "/views/**", "/img/**").permitAll() .antMatchers("/**").hasAnyRole(USER_ROLE); http.formLogin().loginPage("/signin").permitAll().failureUrl("/signin?#/error").and().httpBasic(); SimpleUrlLogoutSuccessHandler urlLogoutHandler = new SimpleUrlLogoutSuccessHandler(); urlLogoutHandler.setDefaultTargetUrl("/signin?#/logout"); http.logout().logoutUrl("/user/logout").invalidateHttpSession(true).clearAuthentication(true) .logoutSuccessHandler(urlLogoutHandler); http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin")); }
protected void configure(HttpSecurity http) throws Exception { http .csrf().disable() .logout() .clearAuthentication(false); }
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests()//配置权限 // .antMatchers("/").access("hasRole('TEST')")//该路径需要TEST角色 .antMatchers("/").authenticated()//该路径需要登录认证 // .antMatchers("/brand/list").hasAuthority("TEST")//该路径需要TEST权限 .antMatchers("/**").permitAll() .and()//启用基于http的认证 .httpBasic() .realmName("/") .and()//配置登录页面 .formLogin() .loginPage("/login") .failureUrl("/login?error=true") .and()//配置退出路径 .logout() .logoutSuccessUrl("/") // .and()//记住密码功能 // .rememberMe() // .tokenValiditySeconds(60*60*24) // .key("rememberMeKey") .and()//关闭跨域伪造 .csrf() .disable() .headers()//去除X-Frame-Options .frameOptions() .disable(); }
/** * Configure. * * @param http the http * * @throws Exception the exception */ @Override protected void configure(HttpSecurity http) throws Exception { http.headers().frameOptions().disable() .and() .formLogin() .loginPage("/login.html") .loginProcessingUrl("/login") .and() .logout().logoutUrl("/logout") .and() .csrf().disable() .authorizeRequests() .antMatchers("/api/**", "/applications/**", "/api/applications/**", "/login.html", "/**/*.css", "/img/**", "/third-party/**") .permitAll() .anyRequest().authenticated(); } }
.failureHandler(new GoAuthenticationFailureHandler()) .and() .logout() .logoutUrl("/sso/logout") .logoutSuccessHandler(new GoLogoutSuccessHandler())
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/admin/**").authenticated() .anyRequest().permitAll() .and() .formLogin() .loginPage("/login") .permitAll() .failureUrl("/login?error=1") .loginProcessingUrl("/authenticate") .and() .logout() .logoutUrl("/logout") .permitAll() .logoutSuccessUrl("/login?logout") .and() .rememberMe() .rememberMeServices(rememberMeServices()) .key("remember-me-key"); } }
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/user/**").authenticated() .anyRequest().permitAll() .and() .formLogin() .loginPage("/login") .defaultSuccessUrl("/user", true) .permitAll() .and() .logout() .permitAll() .and().portMapper().http(port).mapsTo(sslPort) .and().csrf().disable(); http.rememberMe().alwaysRemember(true); http.addFilterAt(qqAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); http.addFilterAt(githubAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); }
@Override protected void configure(HttpSecurity http) throws Exception { SimpleUrlLogoutSuccessHandler logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler(); logoutSuccessHandler.setDefaultTargetUrl("/SuccessHandlerRefHttpLogoutConfig"); http .logout() .logoutSuccessHandler(logoutSuccessHandler); } }
@Override protected void configure(HttpSecurity http) throws Exception { http .logout() .deleteCookies("remove") // logout@delete-cookies .invalidateHttpSession(false) // logout@invalidate-session=false (default is true) .logoutUrl("/custom-logout") // logout@logout-url (default is /logout) .logoutSuccessUrl("/logout-success"); // logout@success-url (default is /login?logout) } }
.servletApi().and() .apply(new DefaultLoginPageConfigurer<>()).and() .logout();