Java Code Examples for org.springframework.security.config.annotation.web.builders.HttpSecurity#httpBasic()
The following examples show how to use
org.springframework.security.config.annotation.web.builders.HttpSecurity#httpBasic() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SecurityConf.java From earth-frost with Apache License 2.0 | 6 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
// Page with login form is served as /login.html and does a POST on /login
http.formLogin().loginPage("/login.html").loginProcessingUrl("/login").permitAll();
// The UI does a POST on /logout on logout
http.logout().logoutUrl("/logout").logoutSuccessUrl("/login.html");
// The ui currently doesn't support csrf
http.csrf().disable();
http.headers().frameOptions().disable();
// Requests for the login page and the static assets are allowed
http.authorizeRequests().antMatchers("/**/ui/**", "/**/css/**", "/**/js/**", "/**/images/**")
.permitAll();
// ... and any other request needs to be authorized
http.authorizeRequests().antMatchers("/**").authenticated();
// Enable so that the clients can authenticate via HTTP basic for registering
http.httpBasic();
}
Example 2
| Source File: SecurityConfig.java From promregator with Apache License 2.0 | 6 votes |
|
@Override
protected void configure(HttpSecurity security) throws Exception {
if (!this.isInboundAuthSecurityEnabled()) {
security.httpBasic().disable();
return;
}
HttpSecurity sec = security;
sec = this.determineHttpSecurityForEndpoint(sec, EndpointConstants.ENDPOINT_PATH_DISCOVERY, this.discoveryAuth);
sec = this.determineHttpSecurityForEndpoint(sec, EndpointConstants.ENDPOINT_PATH_SINGLE_ENDPOINT_SCRAPING, this.endpointAuth);
sec = this.determineHttpSecurityForEndpoint(sec, EndpointConstants.ENDPOINT_PATH_SINGLE_TARGET_SCRAPING+"/**", this.endpointAuth);
sec = this.determineHttpSecurityForEndpoint(sec, EndpointConstants.ENDPOINT_PATH_PROMREGATOR_METRICS, this.promregatorMetricsAuth);
sec = this.determineHttpSecurityForEndpoint(sec, EndpointConstants.ENDPOINT_PATH_CACHE_INVALIDATION, this.cacheInvalidateAuth);
// see also https://github.com/spring-projects/spring-security/issues/4242
security.requestCache().requestCache(this.newHttpSessionRequestCache());
// see also
// https://www.boraji.com/spring-security-4-http-basic-authentication-example
sec.httpBasic();
}
Example 3
| Source File: SecurityConfiguration.java From hentai-cloudy-rental with Do What The F*ck You Want To Public License | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/hystrix*").permitAll()
.anyRequest()
.fullyAuthenticated();
http.httpBasic();
http.csrf().disable();
}
Example 4
| Source File: SecurityConfig.java From full-teaching with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
configureUrlAuthorization(http);
// Disable CSRF protection (it is difficult to implement with ng2)
http.csrf().disable();
// Use Http Basic Authentication
http.httpBasic();
// Do not redirect when logout
http.logout().logoutSuccessHandler((rq, rs, a) -> {
});
}
Example 5
| Source File: ServletContainerConfiguration.java From haven-platform with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
final String uiPrefix = "/ui/";
final String loginUrl = uiPrefix + "login.html";
TokenAuthFilterConfigurer<HttpSecurity> tokenFilterConfigurer =
new TokenAuthFilterConfigurer<>(new RequestTokenHeaderRequestMatcher(),
new TokenAuthProvider(tokenValidator, userDetailsService, authProcessor));
http.csrf().disable()
.authenticationProvider(provider).userDetailsService(userDetailsService)
.anonymous().principal(SecurityUtils.USER_ANONYMOUS).and()
.authorizeRequests().antMatchers(uiPrefix + "/token/login").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()//allow CORS option calls
.antMatchers(uiPrefix + "**").authenticated()
.and().headers().cacheControl().disable()
.and().formLogin().loginPage(loginUrl).permitAll().defaultSuccessUrl(uiPrefix)
.and().logout().logoutUrl(uiPrefix + "logout").logoutSuccessUrl(loginUrl)
.and().apply(tokenFilterConfigurer);
// enable after testing
// .and().sessionManagement()
// .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// X-Frame-Options
http.headers()
.frameOptions().sameOrigin();
http.addFilterAfter(new AccessContextFilter(aclContextFactory), SwitchUserFilter.class);
//we use basic in testing and scripts
if (basicAuthEnable) {
http.httpBasic();
}
}
Example 6
| Source File: TestSecurityConfig.java From aws-serverless-java-container with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.httpBasic();
http
.authorizeRequests()
.antMatchers("/user").hasRole("ADMIN")
.and().exceptionHandling().accessDeniedPage("/access-denied");
}
Example 7
| Source File: TestWebSecurityConfig.java From apollo with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
http.csrf().disable();
http.authorizeRequests().antMatchers("/").permitAll().and()
.authorizeRequests().antMatchers("/console/**").permitAll();
http.headers().frameOptions().disable();
}
Example 8
| Source File: TestWebSecurityConfig.java From apollo with Apache License 2.0 | 5 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
http.csrf().disable();
http.authorizeRequests().antMatchers("/").permitAll().and()
.authorizeRequests().antMatchers("/console/**").permitAll();
http.headers().frameOptions().disable();
}
Example 9
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 10
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 11
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 12
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 13
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 14
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 15
| Source File: SecurityConfiguration.java From joinfaces with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
}
Example 16
| Source File: WebSecurityConfig.java From apollo with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
http.csrf().disable();
http.headers().frameOptions().sameOrigin();
}
Example 17
| Source File: CustomSecurityConfiguration.java From Spring with Apache License 2.0 | 4 votes |
|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
http.authorizeRequests().anyRequest().authenticated();
}
