Package org.springframework.security.web.util.matcher

Examples of org.springframework.security.web.util.matcher.AntPathRequestMatcher


        assertFalse(matcher.matches(createRequest("/login.html/blah")));
    }

    @Test
    public void httpMethodSpecificMatchOnlyMatchesRequestsWithCorrectMethod() throws Exception {
        AntPathRequestMatcher matcher = new AntPathRequestMatcher("/blah", "GET");
        MockHttpServletRequest request = createRequest("/blah");
        request.setMethod("GET");
        assertTrue(matcher.matches(request));
        request.setMethod("POST");
        assertFalse(matcher.matches(request));
    }
View Full Code Here


    }

    @Test
    public void caseSensitive() throws Exception {
        MockHttpServletRequest request = createRequest("/UPPER");
        assertThat(new AntPathRequestMatcher("/upper",null,true).matches(request)).isFalse();
        assertThat(new AntPathRequestMatcher("/upper","POST",true).matches(request)).isFalse();
        assertThat(new AntPathRequestMatcher("/upper","GET",true).matches(request)).isFalse();

        assertThat(new AntPathRequestMatcher("/upper",null,false).matches(request)).isTrue();
        assertThat(new AntPathRequestMatcher("/upper","POST",false).matches(request)).isTrue();
    }
View Full Code Here

    }

    @Test
    public void equalsBehavesCorrectly() throws Exception {
        // Both universal wildcard options should be equal
        assertEquals(new AntPathRequestMatcher("/**"), new AntPathRequestMatcher("**"));
        assertEquals(new AntPathRequestMatcher("/xyz"), new AntPathRequestMatcher("/xyz"));
        assertEquals(new AntPathRequestMatcher("/xyz", "POST"), new AntPathRequestMatcher("/xyz", "POST"));
        assertFalse(new AntPathRequestMatcher("/xyz", "POST").equals(new AntPathRequestMatcher("/xyz", "GET")));
        assertFalse(new AntPathRequestMatcher("/xyz").equals(new AntPathRequestMatcher("/xxx")));
        assertFalse(new AntPathRequestMatcher("/xyz").equals(AnyRequestMatcher.INSTANCE));
        assertFalse(new AntPathRequestMatcher("/xyz","GET", false).equals(new AntPathRequestMatcher("/xyz","GET", true)));
    }
View Full Code Here

        assertFalse(new AntPathRequestMatcher("/xyz","GET", false).equals(new AntPathRequestMatcher("/xyz","GET", true)));
    }

    @Test
    public void toStringIsOk() throws Exception {
        new AntPathRequestMatcher("/blah").toString();
        new AntPathRequestMatcher("/blah", "GET").toString();
    }
View Full Code Here

     * @see org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer#createLoginProcessingUrlMatcher(java.lang.String)
     */
    @Override
    protected RequestMatcher createLoginProcessingUrlMatcher(
            String loginProcessingUrl) {
        return new AntPathRequestMatcher(loginProcessingUrl, "POST");
    }
View Full Code Here

    //~ Methods ========================================================================================================
    private void createFids(String pattern, String method) {
        LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap =
            new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
        requestMap.put(new AntPathRequestMatcher(pattern, method), def);
        fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
    }
View Full Code Here

    public void mixingPatternsWithAndWithoutHttpMethodsIsSupported() throws Exception {
        LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap =
            new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
        Collection<ConfigAttribute> userAttrs = SecurityConfig.createList("A");

        requestMap.put(new AntPathRequestMatcher("/user/**", null), userAttrs);
        requestMap.put(new AntPathRequestMatcher("/teller/**", "GET"),  SecurityConfig.createList("B"));
        fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);

        FilterInvocation fi = createFilterInvocation("/user", null, null, "GET");
        Collection<ConfigAttribute> attrs = fids.getAttributes(fi);
        assertEquals(userAttrs, attrs);
View Full Code Here

        ContentNegotiationStrategy contentNegotiationStrategy = http.getSharedObject(ContentNegotiationStrategy.class);
        if(contentNegotiationStrategy == null) {
            contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
        }

        RequestMatcher notFavIcon = new NegatedRequestMatcher(new AntPathRequestMatcher("/**/favicon.ico"));

        MediaTypeRequestMatcher jsonRequest = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_JSON);
        jsonRequest.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
        RequestMatcher notJson = new NegatedRequestMatcher(jsonRequest);

        RequestMatcher notXRequestedWith = new NegatedRequestMatcher(new RequestHeaderRequestMatcher("X-Requested-With","XMLHttpRequest"));

        boolean isCsrfEnabled = http.getConfigurer(CsrfConfigurer.class) != null;

        List<RequestMatcher> matchers = new ArrayList<RequestMatcher>();
        if(isCsrfEnabled) {
            RequestMatcher getRequests = new AntPathRequestMatcher("/**", "GET");
            matchers.add(0, getRequests);
        }
        matchers.add(notFavIcon);
        matchers.add(notJson);
        matchers.add(notXRequestedWith);
View Full Code Here

    private RequestMatcher getLogoutRequestMatcher(H http) {
        if(logoutRequestMatcher != null) {
            return logoutRequestMatcher;
        }
        if(http.getConfigurer(CsrfConfigurer.class) != null) {
            this.logoutRequestMatcher = new AntPathRequestMatcher(this.logoutUrl, "POST");
        } else {
            this.logoutRequestMatcher = new AntPathRequestMatcher(this.logoutUrl);
        }
        return this.logoutRequestMatcher;
    }
View Full Code Here

     * @see org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer#createLoginProcessingUrlMatcher(java.lang.String)
     */
    @Override
    protected RequestMatcher createLoginProcessingUrlMatcher(
            String loginProcessingUrl) {
        return new AntPathRequestMatcher(loginProcessingUrl);
    }
View Full Code Here

TOP

Related Classes of org.springframework.security.web.util.matcher.AntPathRequestMatcher

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.