Examples of org.springframework.security.web.util.AntPathRequestMatcher$SpringAntMatcher

Package org.springframework.security.web.util

Examples of org.springframework.security.web.util.AntPathRequestMatcher$SpringAntMatcher

org.springframework.security.web.util.AntPathRequestMatcher
Matcher which compares a pre-defined ant-style pattern against the URL ( {@code servletPath + pathInfo}) of an {@code HttpServletRequest}. The query string of the URL is ignored and matching is case-insensitive or case-sensitive depending on the arguments passed into the constructor.
Using a pattern value of {@code /**} or {@code **} is treated as a universalmatch, which will match any request. Patterns which end with {@code /**} (and have no other wildcards)are optimized by using a substring match — a pattern of {@code /aaa/**} will match {@code /aaa}, {@code /aaa/} and any sub-directories, such as {@code /aaa/bbb/ccc}.

For all other cases, Spring's {@link AntPathMatcher} is used to perform the match. See the Spring documentationfor this class for comprehensive information on the syntax used.
@author Luke Taylor @author Rob Winch @since 3.1 @deprecated use {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} @see org.springframework.util.AntPathMatcher


    private RequestMatcher requestMatcher;
    private List<ConfigAttribute> configAttributes;


    public RequestInvocationDefinition(String pattern, String roles,Long id) {
        this.requestMatcher = new AntPathRequestMatcher(pattern);
    String[] allAttrs = StringUtils.stripAll(
                StringUtils.splitPreserveAllTokens(roles, ',')
            );
    this.configAttributes = new ArrayList<ConfigAttribute>();
    for (String attr : allAttrs) {

View Full Code Here


    @Override
    public void handleRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        Map<String, String> urlPatternDispatchMap = (Map<String, String>) getApplicationContext().getBean("blResourceUrlPatternRequestDispatchMap");
        for (Map.Entry<String, String> entry : urlPatternDispatchMap.entrySet()) {
            RequestMatcher matcher = new AntPathRequestMatcher(entry.getKey());
            if (matcher.matches(request)){
                request.getRequestDispatcher(entry.getValue()).forward(request, response);
                return;
            }
        }
        super.handleRequest(request, response);

View Full Code Here

        HttpServletResponse response = (HttpServletResponse) baseResponse;


        boolean excludedRequestFound = false;
        if (excludedRequestPatterns != null && excludedRequestPatterns.size() > 0) {
            for (String pattern : excludedRequestPatterns) {
                RequestMatcher matcher = new AntPathRequestMatcher(pattern);
                if (matcher.matches(request)){
                    excludedRequestFound = true;
                    break;
                }
            }
        }

View Full Code Here

            return false;
        }
        
        if (excludedOrderLockRequestPatterns != null && excludedOrderLockRequestPatterns.size() > 0) {
            for (String pattern : excludedOrderLockRequestPatterns) {
                RequestMatcher matcher = new AntPathRequestMatcher(pattern);
                if (matcher.matches(request)){
                    return false;
                }
            }
        }

View Full Code Here

     * @param antPattern the Ant Pattern to match on (i.e. "/admin/**")
     * @return the {@link HttpSecurity} for further customizations
     * @see AntPathRequestMatcher
     */
    public HttpSecurity antMatcher(String antPattern) {
        return requestMatcher(new AntPathRequestMatcher(antPattern));
    }

View Full Code Here

         */
        public static List<RequestMatcher> antMatchers(HttpMethod httpMethod, String...antPatterns) {
            String method = httpMethod == null ? null : httpMethod.toString();
            List<RequestMatcher> matchers = new ArrayList<RequestMatcher>();
            for(String pattern : antPatterns) {
                matchers.add(new AntPathRequestMatcher(pattern, method));
            }
            return matchers;
        }

View Full Code Here

                patterns.add(singlePattern);
        }
        
        AntPathRequestMatcher[] matchers=new AntPathRequestMatcher[patterns.size()];
        for (int i = 0;i<matchers.length;i++) {
            matchers[i]=new AntPathRequestMatcher(patterns.get(i));
        }
        return new GeoServerRequestMatcher(methods,matchers); 
    }

View Full Code Here

                Collection<ConfigAttribute> v=new ArrayList<>();
                for(String role : roles){
                    v.add(new SecurityConfig(role));
                }
                //POST
                RequestMatcher key=new AntPathRequestMatcher(url,"POST");
                requestMap.put(key, v);
                //GET
                key=new AntPathRequestMatcher(url,"GET");
                requestMap.put(key, v);
            }
            //格式2：超级管理员 或是 普通管理员都可以访问
            else{
                //POST
                RequestMatcher key=new AntPathRequestMatcher(url,"POST");
                requestMap.put(key, value);
                //GET
                key=new AntPathRequestMatcher(url,"GET");
                requestMap.put(key, value);
            }
        }


        
 //2、动态指定系统中模块及命令的url访问规则 
        //遍历所有的Command对象
        for(Command command : serviceFacade.query(Command.class).getModels()){
            List<String> paths=ModuleService.getCommandPath(command);
            //命令访问路径到角色名称的映射
            Map<String,String> map=ModuleService.getCommandPathToRole(command);
            for(String path : paths){
                //POST
                RequestMatcher key=new AntPathRequestMatcher(path.toString().toLowerCase()+".action*","POST");
                value=new ArrayList<>();
                //要把路径转换为角色
                //如：命令路径：/**/security/user!query 映射角色：_SECURITY_USER_QUERY
                value.add(new SecurityConfig("ROLE_MANAGER"+map.get(path)));
                value.add(superManager);
                requestMap.put(key, value);
                //GET
                key=new AntPathRequestMatcher(path.toString().toLowerCase()+".action*","GET");
                requestMap.put(key, value);
            }
        }
        
 //3、超级管理员对所有的POST操作具有权限
        RequestMatcher key=new AntPathRequestMatcher("/**","POST");
        //value为超级管理员
        value=new ArrayList<>();
        value.add(superManager);
        requestMap.put(key, value);
        
        
 //4、超级管理员对所有的GET操作具有权限
        key=new AntPathRequestMatcher("/**","GET");
        requestMap.put(key, value);        


        DefaultFilterInvocationSecurityMetadataSource source=new DefaultFilterInvocationSecurityMetadataSource(requestMap);
        
        filterSecurityInterceptor.setSecurityMetadataSource(source);

View Full Code Here

TOP

Related Classes of org.springframework.security.web.util.AntPathRequestMatcher$SpringAntMatcher

nu.localhost.tapestry5.springsecurity.services.RequestInvocationDefinition

org.apdplat.module.security.service.SpringSecurityService

org.broadleafcommerce.common.security.handler.CsrfFilter

org.broadleafcommerce.common.web.BroadleafGWTModuleURLMappingResourceHttpRequestHandler

org.broadleafcommerce.core.web.order.security.CartStateFilter

org.geoserver.security.GeoServerSecurityFilterChainProxy

org.springframework.security.config.annotation.web.AbstractRequestMatcherConfigurer$RequestMatchers

org.springframework.security.config.annotation.web.builders.HttpSecurity

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.