Examples of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher

Package org.springframework.security.web.util.matcher

Examples of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher

org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
A {@link RequestMatcher} that can be used to match request that contain aheader with an expected header name and an expected value.
For example, the following will match an request that contains a header with the name X-Requested-With no matter what the value is.
```
 RequestMatcher matcher = new RequestHeaderRequestMatcher("X-Requested-With"); 
```
Alternatively, the RequestHeaderRequestMatcher can be more precise and require a specific value. For example the following will match on requests with the header name of X-Requested-With with the value of "XMLHttpRequest", but will not match on header name of "X-Requested-With" with the value of "Other".
```
 RequestMatcher matcher = new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"); 
```
The value used to compare is the first header value, so in the previous example if the header "X-Requested-With" contains the values "Other" and "XMLHttpRequest", then it will not match. @author Rob Winch @since 3.2

     */
    public HttpBasicConfigurer() throws Exception {
        realmName(DEFAULT_REALM);


        LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<RequestMatcher, AuthenticationEntryPoint>();
        entryPoints.put(new RequestHeaderRequestMatcher("X-Requested-With","XMLHttpRequest"), new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED));


        DelegatingAuthenticationEntryPoint defaultEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
        defaultEntryPoint.setDefaultEntryPoint(basicAuthEntryPoint);
        authenticationEntryPoint =  defaultEntryPoint;
    }

View Full Code Here


        MediaTypeRequestMatcher jsonRequest = new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.APPLICATION_JSON);
        jsonRequest.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
        RequestMatcher notJson = new NegatedRequestMatcher(jsonRequest);


        RequestMatcher notXRequestedWith = new NegatedRequestMatcher(new RequestHeaderRequestMatcher("X-Requested-With","XMLHttpRequest"));


        boolean isCsrfEnabled = http.getConfigurer(CsrfConfigurer.class) != null;


        List<RequestMatcher> matchers = new ArrayList<RequestMatcher>();
        if(isCsrfEnabled) {

View Full Code Here

        request = new MockHttpServletRequest();
    }


    @Test(expected = IllegalArgumentException.class)
    public void constructorNullHeaderName() {
        new RequestHeaderRequestMatcher(null);
    }

View Full Code Here

        new RequestHeaderRequestMatcher(null);
    }


    @Test(expected = IllegalArgumentException.class)
    public void constructorNullHeaderNameNonNullHeaderValue() {
        new RequestHeaderRequestMatcher(null,"v");
    }

View Full Code Here

    }


    @Test
    public void matchesHeaderNameMatches() {
        request.addHeader(headerName, headerValue);
        assertThat(new RequestHeaderRequestMatcher(headerName).matches(request)).isTrue();
    }

View Full Code Here

    }


    @Test
    public void matchesHeaderNameDoesNotMatch() {
        request.addHeader(headerName+"notMatch", headerValue);
        assertThat(new RequestHeaderRequestMatcher(headerName).matches(request)).isFalse();
    }

View Full Code Here

    }


    @Test
    public void matchesHeaderNameValueMatches() {
        request.addHeader(headerName, headerValue);
        assertThat(new RequestHeaderRequestMatcher(headerName, headerValue).matches(request)).isTrue();
    }

View Full Code Here

    }


    @Test
    public void matchesHeaderNameValueHeaderNameNotMatch() {
        request.addHeader(headerName+"notMatch", headerValue);
        assertThat(new RequestHeaderRequestMatcher(headerName, headerValue).matches(request)).isFalse();
    }

View Full Code Here

    }


    @Test
    public void matchesHeaderNameValueHeaderValueNotMatch() {
        request.addHeader(headerName, headerValue+"notMatch");
        assertThat(new RequestHeaderRequestMatcher(headerName, headerValue).matches(request)).isFalse();
    }

View Full Code Here


    @Test
    public void matchesHeaderNameValueHeaderValueMultiNotMatch() {
        request.addHeader(headerName, headerValue+"notMatch");
        request.addHeader(headerName, headerValue);
        assertThat(new RequestHeaderRequestMatcher(headerName, headerValue).matches(request)).isFalse();
    }

View Full Code Here

TOP

Related Classes of org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher

org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer

org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer

org.springframework.security.web.util.matcher.RequestHeaderRequestMatcherTests

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.