Examples of org.springframework.security.web.util.matcher.AntPathRequestMatcher

Package org.springframework.security.web.util.matcher

Examples of org.springframework.security.web.util.matcher.AntPathRequestMatcher

org.springframework.security.web.util.matcher.AntPathRequestMatcher
Matcher which compares a pre-defined ant-style pattern against the URL ( {@code servletPath + pathInfo}) of an {@code HttpServletRequest}. The query string of the URL is ignored and matching is case-insensitive or case-sensitive depending on the arguments passed into the constructor.
Using a pattern value of {@code /**} or {@code **} is treated as a universalmatch, which will match any request. Patterns which end with {@code /**} (and have no other wildcards)are optimized by using a substring match — a pattern of {@code /aaa/**} will match {@code /aaa}, {@code /aaa/} and any sub-directories, such as {@code /aaa/bbb/ccc}.

For all other cases, Spring's {@link AntPathMatcher} is used to perform the match. See the Spring documentationfor this class for comprehensive information on the syntax used.
@author Luke Taylor @author Rob Winch @since 3.1 @see org.springframework.util.AntPathMatcher

        requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();


        for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            requestMap.put(new AntPathRequestMatcher(key),
                    SecurityConfig.createListFromCommaDelimitedString(value));
        }


        FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
                requestMap);

View Full Code Here

        requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();


        for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            requestMap.put(new AntPathRequestMatcher(key),
                    SecurityConfig.createListFromCommaDelimitedString(value));
        }


        FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
                requestMap);

View Full Code Here

    @Override
    protected void configure(HttpSecurity http) throws Exception {
      http.authorizeRequests().antMatchers("/login").permitAll().anyRequest()
      .fullyAuthenticated().and().formLogin().loginPage("/login")
      .failureUrl("/login?error").and().logout()
      .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).and()
      .exceptionHandling().accessDeniedPage("/access?error");
    }

View Full Code Here


    @Override
    protected void configure(HttpSecurity http) throws Exception {
      // @formatter:off  
      http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
        .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
        .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
      .and()
        .anonymous().disable()
        .csrf().disable()
        .exceptionHandling()

View Full Code Here

        .antMatcher("/oauth/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
      ClientCredentialsTokenEndpointFilter filter = new ClientCredentialsTokenEndpointFilter();

View Full Code Here

        .antMatcher("/oauth/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
    }

View Full Code Here

            .exceptionHandling()
                .accessDeniedPage("/login.jsp?authorization_error=true")
                .and()
            // TODO: put CSRF protection back into this endpoint
            .csrf()
                .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize")).disable()
            .logout()
                .logoutSuccessUrl("/index.jsp")
                .logoutUrl("/logout.do")
                .and()
            .formLogin()

View Full Code Here


    @Override
    protected void configure(HttpSecurity http) throws Exception {
      // @formatter:off  
      http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
        .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
        .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
      .and()
        .anonymous().disable()
        .csrf().disable()
        .exceptionHandling()

View Full Code Here

        .antMatcher("/oauth/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
    }

View Full Code Here


    @Override
    public void configure(HttpSecurity http) throws Exception {
      // @formatter:off  
      http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
        .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
        .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
      .and()
        .anonymous().disable()
        .csrf().disable()
        .exceptionHandling()

View Full Code Here

0 1 2 3

TOP

Related Classes of org.springframework.security.web.util.matcher.AntPathRequestMatcher

com.mossle.security.client.UrlResourcePopulator

com.mossle.security.client.UrlSourceBuilder

com.sivalabs.web.controllers.WebMvcConfig$ApplicationSecurity

demo.Application$ResourceServer

demo.Application$TokenEndpointSecurity

grails.plugin.springsecurity.web.access.intercept.ChannelFilterInvocationSecurityMetadataSourceFactoryBean

nu.localhost.tapestry5.springsecurity.services.RequestInvocationDefinition

org.lightadmin.core.config.context.LightAdminSecurityConfiguration

org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry$RequestMatchers

org.springframework.security.config.annotation.web.builders.HttpSecurity

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.