Java Code Examples for org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

The following examples show how to use org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Override
protected void configure(HttpSecurity http) throws Exception {
	// @formatter:off
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(adminContextPath + "/");

	http
		.headers().frameOptions().disable()
		.and().authorizeRequests()
		.antMatchers(adminContextPath + "/assets/**"
			, adminContextPath + "/login"
			, adminContextPath + "/actuator/**"
		).permitAll()
		.anyRequest().authenticated()
		.and()
		.formLogin().loginPage(adminContextPath + "/login")
		.successHandler(successHandler).and()
		.logout().logoutUrl(adminContextPath + "/logout")
		.and()
		.httpBasic().and()
		.csrf()
		.disable();
	// @formatter:on
}
 
Example 2
/**
 * 登陆成功,返回Token 装配此bean不支持授权码模式
 * 
 * @return
 */
@Bean
public AuthenticationSuccessHandler loginSuccessHandler() {
	return new SavedRequestAwareAuthenticationSuccessHandler() {

		private RequestCache requestCache = new HttpSessionRequestCache();

		@Override
		public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
				Authentication authentication) throws IOException, ServletException {

			super.onAuthenticationSuccess(request, response, authentication);
			return;

		}
	};
}
 
Example 3
Source Project: FEBS-Cloud   Source File: FebsSecurityConfigure.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");

    http.headers().frameOptions().disable()
            .and()
            .authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf().disable();
}
 
Example 4
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.authorizeRequests()
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .anyRequest().authenticated()
            .and()
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()
                .httpBasic()
            .and()
                .headers()
                .frameOptions()
                .disable()
            .and()
                .csrf().disable();
}
 
Example 5
Source Project: spring-microservice-exam   Source File: WebSecurityConfig.java    License: MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setAlwaysUseDefaultTargetUrl(true);
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    // 解决spring boot不允许加载iframe问题
    http.headers().frameOptions().disable();

    http.authorizeRequests()
            .antMatchers("/actuator/**", "/hystrix/**", "/hystrix", "*.sender").permitAll()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .ignoringAntMatchers(
                    adminContextPath + "/instances",
                    adminContextPath + "/actuator/**"
            );
}
 
Example 6
Source Project: spring-boot-plus   Source File: SecuritySecureConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

    http.authorizeRequests(
            (authorizeRequests) -> authorizeRequests
                    .antMatchers(this.adminServer.path("/assets/**")).permitAll()
                    .antMatchers(this.adminServer.path("/static/**")).permitAll()
                    .antMatchers(this.adminServer.path("/login")).permitAll()
                    .anyRequest().authenticated()
    ).formLogin(
            (formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and()
    ).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults())
            .csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                    .ignoringRequestMatchers(
                            new AntPathRequestMatcher(this.adminServer.path("/instances"),
                                    HttpMethod.POST.toString()),
                            new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
                                    HttpMethod.DELETE.toString()),
                            new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
                    ))
            .rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
}
 
Example 7
Source Project: mall-swarm   Source File: SecuritySecureConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.authorizeRequests()
            //1.配置所有静态资源和登录页可以公开访问
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            //2.配置登录和登出路径
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            //3.开启http basic支持,admin-client注册时需要使用
            .httpBasic().and()
            .csrf()
            //4.开启基于cookie的csrf保护
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            //5.忽略这些路径的csrf保护以便admin-client注册
            .ignoringAntMatchers(
                    adminContextPath + "/instances",
                    adminContextPath + "/actuator/**"
            );
}
 
Example 8
Source Project: spring-cloud-learning   Source File: SecuritySecureConfig.java    License: MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .ignoringAntMatchers(
                    adminContextPath + "/instances",
                    adminContextPath + "/actuator/**"
            );
    // @formatter:on
}
 
Example 9
Source Project: JetfireCloud   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");

    http.authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login")
            .successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout")
            .and()
            .httpBasic().and()
            .csrf().disable();
    // @formatter:on
}
 
Example 10
Source Project: lion   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.authorizeRequests()
            .antMatchers(adminContextPath + "/instances").permitAll()
            .antMatchers(adminContextPath + "/actuator/**").permitAll()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler)
            .and()
            .logout().logoutUrl(adminContextPath + "/logout")
            .and()
            .httpBasic()
            .and()
            .csrf().disable();
}
 
Example 11
Source Project: Spring-Security-Third-Edition   Source File: SecurityConfig.java    License: MIT License 6 votes vote down vote up
/**
 *
 * @return
 * @throws Exception
 */
@Bean
public DomainUsernamePasswordAuthenticationFilter domainUsernamePasswordAuthenticationFilter()
        throws Exception {
    DomainUsernamePasswordAuthenticationFilter dupaf = new DomainUsernamePasswordAuthenticationFilter(
                                                            super.authenticationManagerBean());
    dupaf.setFilterProcessesUrl("/login");
    dupaf.setUsernameParameter("username");
    dupaf.setPasswordParameter("password");

    dupaf.setAuthenticationSuccessHandler(
            new SavedRequestAwareAuthenticationSuccessHandler(){{
                setDefaultTargetUrl("/default");
            }}
    );

    dupaf.setAuthenticationFailureHandler(
            new SimpleUrlAuthenticationFailureHandler(){{
                setDefaultFailureUrl("/login/form?error");
            }}
    );

    dupaf.afterPropertiesSet();

    return dupaf;
}
 
Example 12
Source Project: SpringCloud   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");

    http.authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/actuator/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login")
            .successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout")
            .and()
            .httpBasic().and()
            .csrf().disable();
    // @formatter:on
}
 
Example 13
Source Project: micro-service   Source File: SecuritySecureConfig.java    License: MIT License 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(path("/"));

    http.authorizeRequests()
            .antMatchers(path("/assets/**")).permitAll()
            .antMatchers(path("/login")).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(path("/login")).successHandler(successHandler)
            .and()
            .logout().logoutUrl(path("/logout"))
            .and()
            .httpBasic().and()
            .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .ignoringAntMatchers(
                    path("/instances"),
                    path("/actuator/**")
            );
}
 
Example 14
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

	http.authorizeRequests((authorizeRequests) -> authorizeRequests
			.antMatchers(this.adminServer.path("/assets/**")).permitAll()
			.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
			.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
					.successHandler(successHandler))
			.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
			.httpBasic(Customizer.withDefaults())
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
					.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminServer.path("/instances"),
									HttpMethod.POST.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
									HttpMethod.DELETE.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}
 
Example 15
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

	http.authorizeRequests((authorizeRequests) -> authorizeRequests
			.antMatchers(this.adminServer.path("/assets/**")).permitAll()
			.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
			.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
					.successHandler(successHandler))
			.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
			.httpBasic(Customizer.withDefaults())
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
					.ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminServer.path("/instances"),
									HttpMethod.POST.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
									HttpMethod.DELETE.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}
 
Example 16
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminContextPath + "/");

	http.authorizeRequests((authorizeRequests) -> authorizeRequests
			.antMatchers(this.adminContextPath + "/assets/**").permitAll()
			.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
			.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
					.successHandler(successHandler))
			.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
			.httpBasic(Customizer.withDefaults())
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
					.ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminContextPath + "/instances",
									HttpMethod.POST.toString()),
							new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
									HttpMethod.DELETE.toString()),
							new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
}
 
Example 17
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

	http.authorizeRequests((authorizeRequests) -> authorizeRequests
			.antMatchers(this.adminServer.path("/assets/**")).permitAll()
			.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())

			.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
					.successHandler(successHandler))
			.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
			.httpBasic(Customizer.withDefaults())
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
					.ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminServer.path("/instances"),
									HttpMethod.POST.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
									HttpMethod.DELETE.toString()),
							new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}
 
Example 18
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminContextPath + "/");

	http.authorizeRequests((authorizeRequests) -> authorizeRequests
			.antMatchers(this.adminContextPath + "/assets/**").permitAll()
			.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
			.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
					.successHandler(successHandler))
			.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
			.httpBasic(Customizer.withDefaults())
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
					.ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminContextPath + "/instances",
									HttpMethod.POST.toString()),
							new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
									HttpMethod.DELETE.toString()),
							new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
}
 
Example 19
Source Project: spring-boot-admin   Source File: SecuritySecureConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

	http.authorizeRequests(
			(authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
					.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated() // <2>
	).formLogin(
			(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
	).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults()) // <4>
			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
					.ignoringRequestMatchers(
							new AntPathRequestMatcher(this.adminServer.path("/instances"),
									HttpMethod.POST.toString()), // <6>
							new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
									HttpMethod.DELETE.toString()), // <6>
							new AntPathRequestMatcher(this.adminServer.path("/actuator/**")) // <7>
					))
			.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
}
 
Example 20
/**
 * 登陆成功
 */
@Bean
public AuthenticationSuccessHandler loginSuccessHandler() {
    return new SavedRequestAwareAuthenticationSuccessHandler() {
        @Override
        public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                            Authentication authentication) throws IOException, ServletException {
            super.onAuthenticationSuccess(request, response, authentication);
        }
    };
}
 
Example 21
Source Project: mogu_blog_v2   Source File: WebSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    //原因是因为springSecurty使用X-Frame-Options防止网页被Frame。所以需要关闭为了让后端的接口管理的swagger页面正常显示
    http.headers().frameOptions().disable();
    http.authorizeRequests().antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll().anyRequest().authenticated().and().formLogin()
            .loginPage(adminContextPath + "/login").successHandler(successHandler).and().logout()
            .logoutUrl(adminContextPath + "/logout").and().httpBasic().and().csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .ignoringAntMatchers(adminContextPath + "/instances", adminContextPath + "/actuator/**");
}
 
Example 22
Source Project: fw-spring-cloud   Source File: FwSecurityConfigure.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter( "redirectTo" );

    http.authorizeRequests()
            .antMatchers( adminContextPath + "/assets/**" ).permitAll()
            .antMatchers( adminContextPath + "/login" ).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and()
            .logout().logoutUrl( adminContextPath + "/logout" ).and()
            .httpBasic().and()
            .csrf().disable();
}
 
Example 23
Source Project: fw-spring-cloud   Source File: FwSecurityConfigure.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter( "redirectTo" );

    http.authorizeRequests()
            .antMatchers( adminContextPath + "/assets/**" ).permitAll()
            .antMatchers( adminContextPath + "/login" ).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and()
            .logout().logoutUrl( adminContextPath + "/logout" ).and()
            .httpBasic().and()
            .csrf().disable();
}
 
Example 24
Source Project: jeecg-cloud   Source File: SecuritySecureConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    // 登录成功处理类
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    successHandler.setDefaultTargetUrl(adminContextPath + "/");

    http.authorizeRequests()
            //静态文件允许访问
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            //登录页面允许访问
            .antMatchers(adminContextPath + "/login", "/css/**", "/js/**", "/image/*").permitAll()
            //其他所有请求需要登录
            .anyRequest().authenticated()
            .and()
            //登录页面配置,用于替换security默认页面
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            //登出页面配置,用于替换security默认页面
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .ignoringAntMatchers(
                    "/instances",
                    "/actuator/**"
            );

}
 
Example 25
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");

    http.authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**").permitAll()
            .antMatchers(adminContextPath + "/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf().disable();
}
 
Example 26
/**
 * Configure logging admin security authentication related information
 * Open Resource Path Access {@link ApiBootLoggingAdminSecurityAutoConfiguration#ASSETS_RESOURCE_PREFIX}
 * Open Login Page Path Access {@link ApiBootLoggingAdminSecurityAutoConfiguration#LOGIN_PAGE}
 * Enable Http Basic Auth {@link HttpSecurity#httpBasic()}
 * Disable Csrf {@link HttpSecurity#csrf()}
 *
 * @param http HttpSecurity Instance
 * @throws Exception Config Exception
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successHandler.setTargetUrlParameter("redirectTo");
    http.authorizeRequests()
        .antMatchers(ASSETS_RESOURCE_PREFIX).permitAll()
        .antMatchers(LOGIN_PAGE).permitAll()
        .anyRequest().authenticated().and()
        .formLogin().loginPage(LOGIN_PAGE).successHandler(successHandler).and()
        .logout().and()
        .httpBasic().and()
        .csrf().disable();
}
 
Example 27
/**
 * Define a success handler to proceed after a crowd authentication, if it has been successful
 *
 * @return
 */
@Bean
public AuthenticationSuccessHandler authenticationSuccessHandler() {
  SavedRequestAwareAuthenticationSuccessHandler successHandler =
      new SavedRequestAwareAuthenticationSuccessHandler();
  successHandler.setDefaultTargetUrl("/home");
  successHandler.setUseReferer(true);
  successHandler.setAlwaysUseDefaultTargetUrl(true);
  return successHandler;
}
 
Example 28
Source Project: roncoo-education   Source File: SecuritySecureConfig.java    License: MIT License 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
	// @formatter:off
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");
	successHandler.setDefaultTargetUrl(adminContextPath + "/");

	http.authorizeRequests().antMatchers(adminContextPath + "/assets/**").permitAll().antMatchers(adminContextPath + "/login").permitAll().anyRequest().authenticated().and().formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and().logout().logoutUrl(adminContextPath + "/logout").and().httpBasic().and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringAntMatchers(adminContextPath + "/instances", adminContextPath + "/actuator/**");
	// @formatter:on
}
 
Example 29
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");

	http.authorizeRequests()
			.antMatchers(adminContextPath + "/assets/**").permitAll()
			.antMatchers(adminContextPath + "/login").permitAll()
			.anyRequest().authenticated()
			.and()
			.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
			.logout().logoutUrl(adminContextPath + "/logout").and()
			.httpBasic().and()
			.csrf().disable();
}
 
Example 30
@Override
protected void configure(HttpSecurity http) throws Exception {
	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
	successHandler.setTargetUrlParameter("redirectTo");

	http.authorizeRequests()
			.antMatchers(adminContextPath + "/assets/**").permitAll()
			.antMatchers(adminContextPath + "/login").permitAll()
			.anyRequest().authenticated()
			.and()
			.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
			.logout().logoutUrl(adminContextPath + "/logout").and()
			.httpBasic().and()
			.csrf().disable();
}