@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http .requestCache(); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { http .formLogin().and() .requestCache() .requestCache(this.requestCache); } }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http .requestCache() .requestCache(requestCache) .and() .requestCache(); // @formatter:on } }
@Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); http.requestCache().disable(); } }
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .anyRequest().authenticated() .and() .requestCache() .requestCache(requestCache) .and() .oauth2Client() .authorizationCodeGrant() .authorizationRequestResolver(authorizationRequestResolver) .accessTokenResponseClient(accessTokenResponseClient); }
.sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and() .servletApi().and()
.sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and() .servletApi().and()
@Configuration @EnableWebSecurity public class CASWebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { //disable HTTP Session management http .securityContext() .securityContextRepository(new NullSecurityContextRepository()) .and() .sessionManagement().disable(); http.requestCache().requestCache(new NullRequestCache()); //no security checks for health checks http.authorizeRequests().antMatchers("/health/**").permitAll(); http.csrf().disable(); http .exceptionHandling() .authenticationEntryPoint(authenticationEntryPoint()); http // login configuration .addFilter(authenticationFilter()) .authorizeRequests().anyRequest().authenticated(); } }
@Override protected void configure(HttpSecurity http) throws Exception { http.securityContext().securityContextRepository(securityContextRepository); http.requestCache().requestCache(new NullRequestCache()); http .authorizeRequests() .antMatchers("/", "/home", "/categories/**", "/products/**").permitAll() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin() // login .loginPage("/login") .permitAll() .successHandler(new CustomAuthSuccessHandler()) .and() .logout() // /login?logout .logoutUrl("/logout") .logoutSuccessUrl("/loggedOut") .deleteCookies(SecurityConfig.AUTHCOOKIENAME) .permitAll() .and() .csrf().disable() ; }
http.logout().disable(); http.formLogin().disable(); http.requestCache().disable();
http.requestCache().disable();
http.logout().disable(); http.formLogin().disable(); http.requestCache().disable();
.requestCache().requestCache(new NullRequestCache()) .and() .csrf().disable();
http.exceptionHandling().authenticationEntryPoint(new SimpleAuthenticationEntryPoint(confMap.get("security.signin"))); http.exceptionHandling().accessDeniedHandler(new SimpleAccessDeniedHandler(confMap.get("security.access_denied"))); http.requestCache().requestCache(new SimpleRequestCache()); http.logout().logoutUrl(confMap.get("security.signout")). logoutSuccessUrl(confMap.get("security.signout_success"));
http.exceptionHandling().authenticationEntryPoint(new SimpleAuthenticationEntryPoint(signinPath)); http.exceptionHandling().accessDeniedHandler(new SimpleAccessDeniedHandler(accessDeniedPath)); http.requestCache().requestCache(new SimpleRequestCache()); http.logout().logoutUrl(signoutPath).logoutSuccessUrl(signoutSuccessPath); http.rememberMe().rememberMeServices(rememberMeServices);
http.exceptionHandling().authenticationEntryPoint(new SimpleAuthenticationEntryPoint(signinPath)); http.exceptionHandling().accessDeniedHandler(new SimpleAccessDeniedHandler(accessDeniedPath)); http.requestCache().requestCache(new SimpleRequestCache()); http.logout().logoutUrl(signoutPath).logoutSuccessUrl(signoutSuccessPath); http.rememberMe().rememberMeServices(rememberMeServices);
.sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and() .servletApi().and()
.sessionManagement().and() .securityContext().and() .requestCache().and() .anonymous().and() .servletApi().and()