Examples of org.springframework.security.web.util.matcher.AntPathRequestMatcher

• org.springframework.security.web.util.matcher.AntPathRequestMatcher
  Matcher which compares a pre-defined ant-style pattern against the URL ( {@code servletPath + pathInfo}) of an {@code HttpServletRequest}. The query string of the URL is ignored and matching is case-insensitive or case-sensitive depending on the arguments passed into the constructor.

  Using a pattern value of {@code /**} or {@code **} is treated as a universalmatch, which will match any request. Patterns which end with {@code /**} (and have no other wildcards)are optimized by using a substring match — a pattern of {@code /aaa/**} will match {@code /aaa}, {@code /aaa/} and any sub-directories, such as {@code /aaa/bbb/ccc}.

  For all other cases, Spring's {@link AntPathMatcher} is used to perform the match. See the Spring documentationfor this class for comprehensive information on the syntax used.

  @author Luke Taylor @author Rob Winch @since 3.1 @see org.springframework.util.AntPathMatcher

        .antMatcher("/oauth/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
      // @formatter:off
      http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
        .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
        .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
      .and()
        .anonymous().disable()
        .csrf().disable()
        .exceptionHandling()

        .antMatcher("/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
      // @formatter:off
      http.addFilterBefore(resourceFilter, AbstractPreAuthenticatedProcessingFilter.class)
        .requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("/oauth/**")))
        .authorizeRequests().anyRequest().authenticated().expressionHandler(new OAuth2WebSecurityExpressionHandler())
      .and()
        .anonymous().disable()
        .csrf().disable()
        .exceptionHandling()

        .antMatcher("/oauth/token")
        .authorizeRequests().anyRequest().authenticated()
      .and()
        .httpBasic().authenticationEntryPoint(authenticationEntryPoint())
      .and()
        .csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token")).disable()
        .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
      .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
      // @formatter:on
    }

                                throw new BadCredentialsException("Not a github user!");
                            }
                            filterChain.doFilter(request, response);
                        }
                    }, ExceptionTranslationFilter.class);
            http.logout().logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
                    .logoutSuccessUrl("/").and().authorizeRequests().anyRequest()
                    .authenticated();
            if (isForceHttps()) {
                http.requiresChannel().anyRequest().requiresSecure();
            }

    protected void configure(HttpSecurity http) throws Exception {
      // @formatter:off
      http.authorizeRequests().antMatchers("/login").permitAll().anyRequest()
          .fullyAuthenticated().and().formLogin().loginPage("/login")
          .failureUrl("/login?error").and().logout()
          .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).and()
          .exceptionHandling().accessDeniedPage("/access?error");
      // @formatter:on
    }

    @Bean
    @Autowired
    public FilterChainProxy springSecurityFilterChain(Filter filterSecurityInterceptor, Filter authenticationFilter, Filter rememberMeAuthenticationFilter, Filter logoutFilter, Filter exceptionTranslationFilter, Filter securityContextPersistenceFilter) {
        List<SecurityFilterChain> filterChains = newArrayList();
        for (String pattern : PUBLIC_RESOURCES) {
            filterChains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher(applicationUrl(pattern))));
        }

        filterChains.add(new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, securityContextPersistenceFilter, exceptionTranslationFilter, logoutFilter, authenticationFilter, rememberMeAuthenticationFilter, filterSecurityInterceptor));

        return new FilterChainProxy(filterChains);

          !"REQUIRES_INSECURE_CHANNEL".equals(value)) {
        throw new IllegalArgumentException("The rule for URL '" + value +
            "' must be one of REQUIRES_SECURE_CHANNEL, REQUIRES_INSECURE_CHANNEL, or ANY_CHANNEL");
      }

      map.put(new AntPathRequestMatcher(entry.getKey()), SecurityConfig.createList(value));
    }
    return map;
  }