Java Code Examples for org.springframework.boot.web.servlet.FilterRegistrationBean#setEnabled()

The following examples show how to use org.springframework.boot.web.servlet.FilterRegistrationBean#setEnabled() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: kvf-admin   File: XssFilterConfig.java    License: MIT License 6 votes vote down vote up
/**
 * xss过滤拦截器
 */
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
    FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
    filterRegistrationBean.setFilter(new XssFilter());
    filterRegistrationBean.setOrder(Integer.MAX_VALUE - 1);
    filterRegistrationBean.setEnabled(true);
    filterRegistrationBean.addUrlPatterns("/*");
    Map<String, String> initParameters = new HashMap<>();
    // excludes用于配置不需要参数过滤的请求url
    initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
    // isIncludeRichText主要用于设置富文本内容是否需要过滤  TODO: 好像无效
    initParameters.put("isIncludeRichText", "true");
    // 配置过滤URL白名单
    initParameters.put(Constants.XSS_NOTICE_KEY, "");
    filterRegistrationBean.setInitParameters(initParameters);
    return filterRegistrationBean;
}
 
Example 2
@Bean("cas")
@ConditionalOnMissingBean(name = "cas")
public FilterRegistrationBean<CasAuthenticatingFilter> casFilter(
		ObjectProvider<LoginListener> loginListenerProvider,
		@Autowired(required = false) List<AuthenticationSuccessHandler> successHandlers,
		@Autowired(required = false) List<AuthenticationFailureHandler> failureHandlers,
		ShiroCasProperties properties){
	FilterRegistrationBean<CasAuthenticatingFilter> registration = new FilterRegistrationBean<CasAuthenticatingFilter>(); 
	CasAuthenticatingFilter casSsoFilter = new CasAuthenticatingFilter();
	// 监听器
	casSsoFilter.setLoginListeners(loginListenerProvider.stream().collect(Collectors.toList()));
	casSsoFilter.setFailureHandlers(failureHandlers);
	casSsoFilter.setSuccessHandlers(successHandlers);
	casSsoFilter.setFailureUrl(bizProperties.getFailureUrl());
	casSsoFilter.setSuccessUrl(bizProperties.getSuccessUrl());
	registration.setFilter(casSsoFilter);
    registration.setEnabled(false); 
    return registration;
}
 
Example 3
Source Project: CAS   File: CasCustomConfig.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 该过滤器负责用户的认证工作
 *
 * @return
 */
@Bean
public FilterRegistrationBean authenticationFilter() {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    filterRegistration.setFilter(new AuthenticationFilter());
    filterRegistration.setEnabled(casEnabled);
    if (autoconfig.getAuthFilters().size() > 0) {
        filterRegistration.setUrlPatterns(autoconfig.getAuthFilters());
    } else {
        filterRegistration.addUrlPatterns("/*");
    }
    if (autoconfig.getIgnoreFilters() != null) {
        filterRegistration.addInitParameter("ignorePattern", autoconfig.getIgnoreFilters());
    }
    filterRegistration.addInitParameter("casServerLoginUrl", autoconfig.getCasServerLoginUrl());
    filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
    filterRegistration.addInitParameter("useSession", autoconfig.isUseSession() ? "true" : "false");
    filterRegistration.addInitParameter("redirectAfterValidation", autoconfig.isRedirectAfterValidation() ? "true" : "false");
    filterRegistration.setOrder(4);
    return filterRegistration;
}
 
Example 4
Source Project: CAS   File: CasCustomConfig.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 该过滤器负责用户的认证工作
 *
 * @return
 */
@Bean
public FilterRegistrationBean authenticationFilter() {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    filterRegistration.setFilter(new AuthenticationFilter());
    filterRegistration.setEnabled(casEnabled);
    if (autoconfig.getAuthFilters().size() > 0) {
        filterRegistration.setUrlPatterns(autoconfig.getAuthFilters());
    } else {
        filterRegistration.addUrlPatterns("/*");
    }
    if (autoconfig.getIgnoreFilters() != null) {
        filterRegistration.addInitParameter("ignorePattern", autoconfig.getIgnoreFilters());
    }
    filterRegistration.addInitParameter("casServerLoginUrl", autoconfig.getCasServerLoginUrl());
    filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
    filterRegistration.addInitParameter("useSession", autoconfig.isUseSession() ? "true" : "false");
    filterRegistration.addInitParameter("redirectAfterValidation", autoconfig.isRedirectAfterValidation() ? "true" : "false");
    filterRegistration.setOrder(4);
    return filterRegistration;
}
 
Example 5
Source Project: runscore   File: XssConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
	FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<Filter>(new XssFilter());
	filterRegistrationBean.setOrder(1);
	filterRegistrationBean.setEnabled(true);
	filterRegistrationBean.addUrlPatterns("/*");
	return filterRegistrationBean;
}
 
Example 6
Source Project: runscore   File: XssConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
	FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<Filter>(new XssFilter());
	filterRegistrationBean.setOrder(1);
	filterRegistrationBean.setEnabled(true);
	filterRegistrationBean.addUrlPatterns("/*");
	return filterRegistrationBean;
}
 
Example 7
Source Project: runscore   File: XssConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
	FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<Filter>(new XssFilter());
	filterRegistrationBean.setOrder(1);
	filterRegistrationBean.setEnabled(true);
	filterRegistrationBean.addUrlPatterns("/*");
	return filterRegistrationBean;
}
 
Example 8
/**
 * XssFilter Bean
 */
@Bean
@SuppressWarnings({ "unchecked", "rawtypes" })
public FilterRegistrationBean xssFilterRegistrationBean() {
    FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
    filterRegistrationBean.setFilter(new XssFilter());
    filterRegistrationBean.setOrder(1);
    filterRegistrationBean.setEnabled(true);
    filterRegistrationBean.addUrlPatterns("/*");
    Map<String, String> initParameters = new HashMap<>();
    initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
    initParameters.put("isIncludeRichText", "true");
    filterRegistrationBean.setInitParameters(initParameters);
    return filterRegistrationBean;
}
 
Example 9
@Bean
public FilterRegistrationBean shiroFilterRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new DelegatingFilterProxy("shiroFilter"));
    //该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
    registration.addInitParameter("targetFilterLifecycle", "true");
    registration.setEnabled(true);
    registration.setOrder(Integer.MAX_VALUE - 1);
    registration.addUrlPatterns("/*");
    return registration;
}
 
Example 10
Source Project: CAS   File: CasCustomConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
 * 比如AssertionHolder.getAssertion().getPrincipal().getName()。
 * 这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
 *
 * @return
 */
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    filterRegistration.setFilter(new AssertionThreadLocalFilter());
    filterRegistration.setEnabled(true);
    if (autoconfig.getAssertionFilters().size() > 0) {
        filterRegistration.setUrlPatterns(autoconfig.getAssertionFilters());
    } else {
        filterRegistration.addUrlPatterns("/*");
    }
    filterRegistration.setOrder(7);
    return filterRegistration;
}
 
Example 11
Source Project: chronus   File: ShiroConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<Filter> filterRegistrationBean(ShiroFilterFactoryBean shiroFilterFactoryBean) throws Exception {
    FilterRegistrationBean<Filter> filterRegistration = new FilterRegistrationBean<>();
    filterRegistration.setFilter((Filter) shiroFilterFactoryBean.getObject());
    filterRegistration.addInitParameter("targetFilterLifecycle", "true");
    filterRegistration.setAsyncSupported(true);
    filterRegistration.setEnabled(true);
    //这里添加一下对DispatcherType.ASYNC的支持就可以了
    filterRegistration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);
    return filterRegistration;
}
 
Example 12
Source Project: CAS   File: CasCustomConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
 *
 * @return
 */
@Bean
public FilterRegistrationBean singleSignOutFilter() {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    filterRegistration.setFilter(new SingleSignOutFilter());
    filterRegistration.setEnabled(casEnabled);
    if (autoconfig.getSignOutFilters().size() > 0) {
        filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
    } else {
        filterRegistration.addUrlPatterns("/*");
    }
    filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
    filterRegistration.setOrder(3);
    return filterRegistration;
}
 
Example 13
Source Project: EasyEE   File: ShiroConfiguration.java    License: MIT License 5 votes vote down vote up
/**
 * 取消 Shiro Filter 的/*自动注册行为
 * @param filter
 * @return
 */
@Bean
public FilterRegistrationBean disableRegistrationShiroFilter(AbstractShiroFilter filter) {
	FilterRegistrationBean registration = new FilterRegistrationBean(filter);
	registration.setEnabled(false);
	return registration;
}
 
Example 14
Source Project: utils   File: ShiroAutoConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public FilterRegistrationBean filterRegistrationBean(SecurityManager securityManager) throws Exception {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    //该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
    filterRegistration.addInitParameter("targetFilterLifecycle", "true");
    filterRegistration.setFilter((Filter) getShiroFilterFactoryBean(securityManager).getObject());
    filterRegistration.setEnabled(true);
    filterRegistration.addUrlPatterns("/*");

    return filterRegistration;
}
 
Example 15
Source Project: EasyEE   File: ShiroConfiguration.java    License: MIT License 5 votes vote down vote up
/**
 * 取消 Shiro Filter 的/*自动注册行为
 * @param filter
 * @return
 */
@Bean
public FilterRegistrationBean disableRegistrationLogout(EasyLogoutFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean(filter);
    registration.setEnabled(false);
    return registration;
}
 
Example 16
@Bean
public FilterRegistrationBean filterLoginRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    //注入过滤器
    registration.setFilter(new LoginFilter());
    //拦截规则
    registration.addUrlPatterns("/member.html");
    //过滤器名称
    registration.setName("LoginFilter");
    //是否自动注册 false 取消Filter的自动注册
    registration.setEnabled(true);
    //过滤器顺序
    registration.setOrder(1);
    return registration;
}
 
Example 17
@Bean
public FilterRegistrationBean facebookFilterRegistrationBean(FacebookAuthenticationFilter filter) {
	FilterRegistrationBean registration = new FilterRegistrationBean(filter);
	registration.setEnabled(false);
	return registration;
}
 
Example 18
/**
 * Registers the JavaMelody {@link MonitoringFilter}. The filter can be overridden completely by creating a custom
 * {@link FilterRegistrationBean} with the name "javamelody-registration" in the application context.
 * @param properties JavaMelodyConfigurationProperties
 * @param servletContext ServletContext
 * @return FilterRegistrationBean
 */
@Bean(name = REGISTRATION_BEAN_NAME)
@ConditionalOnMissingBean(name = REGISTRATION_BEAN_NAME)
public FilterRegistrationBean<MonitoringFilter> monitoringFilter(
		JavaMelodyConfigurationProperties properties, ServletContext servletContext) {
	final FilterRegistrationBean<MonitoringFilter> registrationBean = new FilterRegistrationBean<>();

	// Create the monitoring filter and set its configuration parameters.
	final MonitoringFilter filter;
	if (properties.isManagementEndpointMonitoringEnabled()) {
		// if the management endpoint is enabled, disable the /monitoring reports on the application port
		filter = new MonitoringFilter() {
			@Override
			protected boolean isAllowed(HttpServletRequest request,
					HttpServletResponse response) throws IOException {
				response.sendError(HttpServletResponse.SC_FORBIDDEN, "Forbidden access");
				return false;
			}
		};
	} else {
		filter = new MonitoringFilter();
	}
	filter.setApplicationType("Spring Boot");

	// Wrap the monitoring filter in the registration bean.
	registrationBean.setFilter(filter);
	registrationBean.setAsyncSupported(true);
	registrationBean.setName("javamelody");
	registrationBean.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);

	// Set the initialization parameter for the monitoring filter.
	for (final Entry<String, String> parameter : properties.getInitParameters().entrySet()) {
		registrationBean.addInitParameter(parameter.getKey(), parameter.getValue());
	}

	// Set the URL patterns to activate the monitoring filter for.
	registrationBean.addUrlPatterns("/*");

	final FilterRegistration filterRegistration = servletContext
			.getFilterRegistration("javamelody");
	if (filterRegistration != null) {
		// if webapp deployed as war in a container with MonitoringFilter already added by web-fragment.xml,
		// do not try to add it again
		registrationBean.setEnabled(false);
		for (final Map.Entry<String, String> entry : registrationBean.getInitParameters()
				.entrySet()) {
			filterRegistration.setInitParameter(entry.getKey(), entry.getValue());
		}
	}
	return registrationBean;
}
 
Example 19
@Bean
public FilterRegistrationBean logoutFilterRegistrationBean(LogoutAuthenticationFilter filter) {
	FilterRegistrationBean registration = new FilterRegistrationBean(filter);
	registration.setEnabled(false);
	return registration;
}
 
Example 20
@Bean
public FilterRegistrationBean githubFilterRegistrationBean(GithubAuthenticationFilter filter) {
	FilterRegistrationBean registration = new FilterRegistrationBean(filter);
	registration.setEnabled(false);
	return registration;
}