Java Code Examples for org.springframework.security.config.annotation.web.builders.WebSecurity

The following examples show how to use org.springframework.security.config.annotation.web.builders.WebSecurity. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: radman   Source File: SecurityConfiguration.java    License: MIT License 6 votes vote down vote up
@Override
public void configure(WebSecurity web) {
    web.ignoring().antMatchers(
            // Vaadin Flow static resources //
            "/VAADIN/**",
            // the standard favicon URI
            "/favicon.ico",
            // the robots exclusion standard
            "/robots.txt",
            // web application manifest //
            "/manifest.webmanifest",
            "/sw.js",
            "/offline-page.html",
            // (development mode) static resources //
            "/frontend/**",
            // (development mode) webjars //
            "/webjars/**",
            // (production mode) static resources //
            "/frontend-es5/**", "/frontend-es6/**");
}
 
Example 2
Source Project: spring-react-boilerplate   Source File: WebSecurityConfig.java    License: MIT License 6 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    // AuthenticationTokenFilter will ignore the below paths
    web.ignoring()
            .antMatchers(
                    HttpMethod.POST,
                    authenticationPath
            )
            // allow anonymous resource requests
            .and()
            .ignoring()
            .antMatchers(
                    HttpMethod.GET,
                    "/",
                    "/*.html",
                    "/favicon.ico",
                    "/**/*.html",
                    "/**/*.css",
                    "/**/*.js"
            )

            .and()
            .ignoring()
            .antMatchers("/h2-console/**/**");
}
 
Example 3
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web WebSecurity
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 4
Source Project: api-server-seed   Source File: WebSecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void configure(WebSecurity web) {
    web
            .ignoring()
            .antMatchers(
                    "swagger-ui.html",
                    "**/swagger-ui.html",
                    "/favicon.ico",
                    "/**/*.css",
                    "/**/*.js",
                    "/**/*.png",
                    "/**/*.gif",
                    "/swagger-resources/**",
                    "/v2/**",
                    "/**/*.ttf"
            );
    web.ignoring().antMatchers("/v2/api-docs",
            "/swagger-resources/configuration/ui",
            "/swagger-resources",
            "/swagger-resources/configuration/security",
            "/swagger-ui.html"
    );
}
 
Example 5
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * see https://w3stacks.com/questions/spring-boot/3925/spring-boot-security-thymeleaf-sec-authorize-url-not-working
 * See http://vkuzel.blogspot.com/2017/02/how-not-to-get-confused-by-spring-boot.html
 *
 * @param web
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {

    // Ignore static resources and webjars from Spring Security
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;


    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 6
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web WebSecurity
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 7
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web WebSecurity
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 8
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web WebSecurity
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 9
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web WebSecurity
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 10
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 * This is the equivalent to:
 * <pre>
 *     <http pattern="/resources/**" security="none"/>
 *     <http pattern="/css/**" security="none"/>
 *     <http pattern="/webjars/**" security="none"/>
 * </pre>
 *
 * @param web
 * @throws Exception
 */
@Override
public void configure(final WebSecurity web) throws Exception {

    // Ignore static resources and webjars from Spring Security
    web.ignoring()
            .antMatchers("/resources/**")
            .antMatchers("/css/**")
            .antMatchers("/webjars/**")
    ;

    // Thymeleaf needs to use the Thymeleaf configured FilterSecurityInterceptor
    // and not the default Filter from AutoConfiguration.
    final HttpSecurity http = getHttp();
    web.postBuildAction(() -> {
        web.securityInterceptor(http.getSharedObject(FilterSecurityInterceptor.class));
    });
}
 
Example 11
Source Project: find   Source File: SecurityConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(final WebSecurity web) {
    web.httpFirewall(firewallAllowingUrlEncodedCharacters())
        .ignoring()
        .antMatchers("/static-*/**")
        .antMatchers("/customization/**");
}
 
Example 12
@Override
public void configure(WebSecurity web) throws Exception {
	//@formatter:off
	web
		.ignoring()
			.antMatchers(UNSECURED_RESOURCE_LIST);
	//@formatter:on
}
 
Example 13
Source Project: influx-proxy   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    List<String> ignore = Arrays.asList("/health", "/actuator/**");
    web.
            ignoring()
            .requestMatchers(PathRequest.toStaticResources().atCommonLocations())
            .antMatchers(ignore.toArray(new String[0]))
            .antMatchers("/api/**");
}
 
Example 14
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/bower_components/**")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**")
        .antMatchers("/h2-console/**");
}
 
Example 15
Source Project: tutorials   Source File: MicroserviceSecurityConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/bower_components/**")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**")
        .antMatchers("/h2-console/**");
}
 
Example 16
Source Project: ReCiter   Source File: APISecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
	if(!securityEnabled) {
     web
     .ignoring()
     .antMatchers("/reciter/**");
	} 
}
 
Example 17
Source Project: Spring-5.0-Cookbook   Source File: AppSecurityModelG.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
  web
    .ignoring()
       .antMatchers("/resources/**")
       .antMatchers("/css/**")
       .antMatchers("/js/**")
       .antMatchers("/image/**");
}
 
Example 18
@Override
public void configure(WebSecurity web) throws Exception {
    /*
     * these matches will not go through the security filter (all above
     * static folder)
     */
    web.ignoring().antMatchers("/actuator/**", "/webjars/**", "favicon.ico", "/blueimpgallery/**", "/lightbox/**", "/static/**", "/css/**", "/fonts/**", "/images/**", "/js/**");
}
 
Example 19
Source Project: Spring-5.0-Cookbook   Source File: AppSecurityConfig.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
  web
    .ignoring()
       .antMatchers("/resources/**")
       .antMatchers("/css/**")
       .antMatchers("/js/**")
       .antMatchers("/image/**");
}
 
Example 20
Source Project: tutorials   Source File: SecurityConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/bower_components/**")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**")
        .antMatchers("/h2-console/**");
}
 
Example 21
Source Project: Spring-5.0-Cookbook   Source File: AppSecurityConfig.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
  web
    .ignoring()
       .antMatchers("/resources/**")
       .antMatchers("/css/**")
       .antMatchers("/js/**")
       .antMatchers("/image/**");
}
 
Example 22
Source Project: wallride   Source File: WallRideSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
	// @formatter:off
	web
		.ignoring()
			.antMatchers("/_admin/resources/**")
			.antMatchers("/_admin/webjars/**")
			.antMatchers("/_admin/setup**")
			.antMatchers("/_admin/signup**");
	// @formatter:on
}
 
Example 23
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers("/scripts/**/*.{js,html}")
        .antMatchers("/bower_components/**")
        .antMatchers("/i18n/**")
        .antMatchers("/assets/**")
        .antMatchers("/swagger-ui/**")
        .antMatchers("/api/register")
        .antMatchers("/api/activate")
        .antMatchers("/api/account/reset_password/init")
        .antMatchers("/api/account/reset_password/finish")
        .antMatchers("/test/**");
}
 
Example 24
Source Project: promregator   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
private WebSecurity determineWebSecurityForEndpoint(WebSecurity secInitial, String endpoint, InboundAuthorizationMode iam) {

		WebSecurity sec = secInitial;
		if (iam == InboundAuthorizationMode.NONE) {
			System.err.println(String.format("Endpoint %s is NOT authentication protected", endpoint));
			sec = sec.ignoring().antMatchers(endpoint).and();
		}
		return sec;
	}
 
Example 25
Source Project: Spring-5.0-Cookbook   Source File: AppSecurityConfig.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
  web
    .ignoring()
       .antMatchers("/resources/**")
       .antMatchers("/css/**")
       .antMatchers("/js/**")
       .antMatchers("/image/**");
}
 
Example 26
Source Project: spring-boot-cookbook   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    //allow Swagger URL to be accessed without authentication
    web.ignoring().antMatchers( //"/v2/api-docs",//change to /swagger and custom the groupName
            "/swagger",// Resolve conflicts version number
            "/swagger-resources/configuration/ui",//用来获取支持的动作
            "/swagger-resources",//用来获取api-docs的URI
            "/swagger-resources/configuration/security",//安全选项
            "/webjars/**",///swagger-ui.html使用的一些资源文件在webjars目录下。eg:http://localhost/webjars/springfox-swagger-ui/images/logo_small.png
            "/swagger-ui.html",
            "/h2/**" // h2/query.jsp?jsessionid=f2e1c5f5748414b8b4f8e844f74ef99d.The H2 database provides a browser-based console that Spring Boot can auto-configure for you.
    );
}
 
Example 27
Source Project: alchemy   Source File: SecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/h2-console/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**");
}
 
Example 28
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/bower_components/**")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**")
        .antMatchers("/h2-console/**");
}
 
Example 29
Source Project: nifi   Source File: NiFiWebApiSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity webSecurity) throws Exception {
    // ignore the access endpoints for obtaining the access config, the access token
    // granting, and access status for a given user (note: we are not ignoring the
    // the /access/download-token and /access/ui-extension-token endpoints
    webSecurity
            .ignoring()
                .antMatchers("/access", "/access/config", "/access/token", "/access/kerberos",
                        "/access/oidc/exchange", "/access/oidc/callback", "/access/oidc/request",
                        "/access/knox/callback", "/access/knox/request");
}
 
Example 30
Source Project: ehcache3-samples   Source File: SecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring()
        .antMatchers(HttpMethod.OPTIONS, "/**")
        .antMatchers("/app/**/*.{js,html}")
        .antMatchers("/i18n/**")
        .antMatchers("/content/**")
        .antMatchers("/h2-console/**")
        .antMatchers("/swagger-ui/index.html")
        .antMatchers("/test/**");
}