Java Code Examples for org.springframework.security.web.util.matcher.OrRequestMatcher

The following examples show how to use org.springframework.security.web.util.matcher.OrRequestMatcher. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Override
protected void configure(HttpSecurity http) throws Exception {

  http
      .requestMatchers()
      .requestMatchers(
          new NegatedRequestMatcher(
              new OrRequestMatcher(
                  new AntPathRequestMatcher("/me")
              )
          )
      )
      .and()
      .authorizeRequests()
      .antMatchers("/fevicon.ico").anonymous()
      .antMatchers("/user").authenticated()
      .and().formLogin();
}
 
Example 2
Source Project: ambari-logsearch   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Bean
public RequestMatcher requestMatcher() {
  List<RequestMatcher> matchers = Lists.newArrayList();
  matchers.add(new AntPathRequestMatcher("/docs/**"));
  matchers.add(new AntPathRequestMatcher("/swagger-ui/**"));
  matchers.add(new AntPathRequestMatcher("/swagger.html"));
  if (!authPropsConfig.isAuthJwtEnabled()) {
    matchers.add(new AntPathRequestMatcher("/"));
  }
  matchers.add(new AntPathRequestMatcher("/login"));
  matchers.add(new AntPathRequestMatcher("/logout"));
  matchers.add(new AntPathRequestMatcher("/resources/**"));
  matchers.add(new AntPathRequestMatcher("/index.html"));
  matchers.add(new AntPathRequestMatcher("/favicon.ico"));
  matchers.add(new AntPathRequestMatcher("/assets/**"));
  matchers.add(new AntPathRequestMatcher("/templates/**"));
  matchers.add(new AntPathRequestMatcher("/api/v1/info/**"));
  matchers.add(new AntPathRequestMatcher("/api/v1/swagger.json"));
  matchers.add(new AntPathRequestMatcher("/api/v1/swagger.yaml"));
  return new OrRequestMatcher(matchers);
}
 
Example 3
Source Project: fast-family-master   Source File: SecurityUtils.java    License: Apache License 2.0 5 votes vote down vote up
public static boolean skipPathRequest(HttpServletRequest request, String[] whiteList) {
    List<String> pathsToSkip = new ArrayList();
    pathsToSkip.addAll(Arrays.asList(whiteList));
    List<RequestMatcher> m = (List) pathsToSkip.stream().map((path) -> {
        return new AntPathRequestMatcher(path);
    }).collect(Collectors.toList());
    OrRequestMatcher matchers = new OrRequestMatcher(m);
    return matchers.matches(request);
}
 
Example 4
Source Project: OAuth-2.0-Cookbook   Source File: FacebookLoginFilter.java    License: MIT License 5 votes vote down vote up
public FacebookLoginFilter(
    @Value("${facebook.filter.callback-uri}") String callbackUri,
    @Value("${facebook.filter.api-base-uri}")String apiBaseUri) {
    super(new OrRequestMatcher(
        new AntPathRequestMatcher(callbackUri),
        new AntPathRequestMatcher(apiBaseUri)
    ));
    this.localMatcher = new AntPathRequestMatcher(apiBaseUri);
    setAuthenticationManager(new NoopAuthenticationManager());
}
 
Example 5
Source Project: OAuth-2.0-Cookbook   Source File: OpenIdConnectFilter.java    License: MIT License 5 votes vote down vote up
public OpenIdConnectFilter(
    @Value("${openid.callback-uri}") String callbackUri,
    @Value("${openid.api-base-uri}") String apiBaseUri) {
    super(new OrRequestMatcher(
        new AntPathRequestMatcher(callbackUri),
        new AntPathRequestMatcher(apiBaseUri)));
    this.localMatcher = new AntPathRequestMatcher(apiBaseUri);
    setAuthenticationManager(new NoopAuthenticationManager());
}
 
Example 6
Source Project: OAuth-2.0-Cookbook   Source File: OpenIdConnectFilter.java    License: MIT License 5 votes vote down vote up
public OpenIdConnectFilter(
    @Value("${openid.callback-uri}") String callbackUri,
    @Value("${openid.api-base-uri}") String apiBaseUri) {
    super(new OrRequestMatcher(
        new AntPathRequestMatcher(callbackUri),
        new AntPathRequestMatcher(apiBaseUri)));
    this.localMatcher = new AntPathRequestMatcher(apiBaseUri);
    setAuthenticationManager(new NoopAuthenticationManager());
}
 
Example 7
Source Project: iotplatform   Source File: SkipPathRequestMatcher.java    License: Apache License 2.0 5 votes vote down vote up
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
  Assert.notNull(pathsToSkip);
  List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path))
      .collect(Collectors.toList());
  matchers = new OrRequestMatcher(m);
  processingMatcher = new AntPathRequestMatcher(processingPath);
}
 
Example 8
Source Project: cerberus   Source File: WebSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
RequestMatcher getDoesRequestsRequireAuthMatcher() {

    List<RequestMatcher> whiteListMatchers =
        AUTHENTICATION_NOT_REQUIRED_WHITELIST.stream()
            .map(AntPathRequestMatcher::new)
            .collect(Collectors.toList());
    var whiteListMatcher = new OrRequestMatcher(whiteListMatchers);
    return request -> !whiteListMatcher.matches(request);
  }
 
Example 9
Source Project: cerberus   Source File: AuditLoggingFilter.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected boolean shouldNotFilter(HttpServletRequest request) {
  List<RequestMatcher> blackListMatchers =
      LOGGING_NOT_TRIGGERED_BLACKLIST.stream()
          .map(AntPathRequestMatcher::new)
          .collect(Collectors.toList());
  var blackListMatcher = new OrRequestMatcher(blackListMatchers);
  return blackListMatcher.matches(request);
}
 
Example 10
private boolean skipPathRequest(HttpServletRequest request, List<String> pathsToSkip ) {
  if(pathsToSkip == null)
    pathsToSkip = new ArrayList<String>();
  List<RequestMatcher> matchers = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
  OrRequestMatcher compositeMatchers = new OrRequestMatcher(matchers);
  return compositeMatchers.matches(request);
}
 
Example 11
Source Project: find   Source File: InMemoryHodSecurity.java    License: MIT License 5 votes vote down vote up
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    final AuthenticationSuccessHandler loginSuccessHandler = new LoginSuccessHandler(FindRole.CONFIG.toString(), FindController.CONFIG_PATH, "/p/");
    final HttpSessionRequestCache requestCache = new HttpSessionRequestCache();

    requestCache.setRequestMatcher(new OrRequestMatcher(
            new AntPathRequestMatcher("/p/**"),
            new AntPathRequestMatcher(FindController.CONFIG_PATH)
    ));

    http.regexMatcher("/p/.*|/config/.*|/authenticate|/logout")
        .authorizeRequests()
            .antMatchers("/p/**").hasRole(FindRole.ADMIN.name())
            .antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
            .and()
        .requestCache()
            .requestCache(requestCache)
            .and()
        .formLogin()
            .loginPage(FindController.DEFAULT_LOGIN_PAGE)
            .loginProcessingUrl("/authenticate")
            .successHandler(loginSuccessHandler)
            .failureUrl(FindController.DEFAULT_LOGIN_PAGE + "?error=auth")
            .and()
        .logout()
            .logoutSuccessHandler(new HodLogoutSuccessHandler(new HodTokenLogoutSuccessHandler(SsoController.SSO_LOGOUT_PAGE, tokenRepository), FindController.APP_PATH))
            .and()
        .csrf()
            .disable();
}
 
Example 12
Source Project: para   Source File: IgnoredRequestMatcher.java    License: Apache License 2.0 5 votes vote down vote up
private IgnoredRequestMatcher() {
	ConfigList c = Config.getConfig().getList("security.ignored");
	List<RequestMatcher> list = new ArrayList<>(c.size());
	for (ConfigValue configValue : c) {
		list.add(new AntPathRequestMatcher((String) configValue.unwrapped()));
	}
	orMatcher = new OrRequestMatcher(list);
}
 
Example 13
Source Project: studio   Source File: OrRegexRequestMatcher.java    License: GNU General Public License v3.0 5 votes vote down vote up
public OrRegexRequestMatcher(String... patterns) {
    requestMatcher = new OrRequestMatcher(
            Stream.of(patterns)
                    .map(pattern -> new RegexRequestMatcher(pattern, null))
                    .collect(toList())
    );
}
 
Example 14
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
    Assert.notNull(pathsToSkip);
    List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
    matchers = new OrRequestMatcher(m);
    processingMatcher = new AntPathRequestMatcher(processingPath);
}
 
Example 15
Source Project: cola-cloud   Source File: IntegrationAuthenticationFilter.java    License: MIT License 4 votes vote down vote up
public IntegrationAuthenticationFilter(){
    this.requestMatcher = new OrRequestMatcher(
            new AntPathRequestMatcher(OAUTH_TOKEN_URL, "GET"),
            new AntPathRequestMatcher(OAUTH_TOKEN_URL, "POST")
    );
}
 
Example 16
Source Project: Groza   Source File: SkipPathRequestMatcher.java    License: Apache License 2.0 4 votes vote down vote up
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
    Assert.notNull(pathsToSkip);
    List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
    matchers = new OrRequestMatcher(m);
    processingMatcher = new AntPathRequestMatcher(processingPath);
}
 
Example 17
Source Project: springboot-seed   Source File: IntegrationAuthenticationFilter.java    License: MIT License 4 votes vote down vote up
public IntegrationAuthenticationFilter() {
    this.requestMatcher = new OrRequestMatcher(
            new AntPathRequestMatcher(OAUTH_TOKEN_URL, "GET"),
            new AntPathRequestMatcher(OAUTH_TOKEN_URL, "POST")
    );
}
 
Example 18
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
    Assert.notNull(pathsToSkip);
    List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
    matchers = new OrRequestMatcher(m);
    processingMatcher = new AntPathRequestMatcher(processingPath);
}
 
Example 19
Source Project: springboot-security-jwt   Source File: SkipPathRequestMatcher.java    License: MIT License 4 votes vote down vote up
public SkipPathRequestMatcher(List<String> pathsToSkip, String processingPath) {
    Assert.notNull(pathsToSkip);
    List<RequestMatcher> m = pathsToSkip.stream().map(path -> new AntPathRequestMatcher(path)).collect(Collectors.toList());
    matchers = new OrRequestMatcher(m);
    processingMatcher = new AntPathRequestMatcher(processingPath);
}
 
Example 20
private RequestMatcher createWebRequestMatcher() {
  return new OrRequestMatcher(
      new AntPathRequestMatcher("/"),
      new AntPathRequestMatcher("/plugin/**"),
      new AntPathRequestMatcher("/menu/**"));
}
 
Example 21
/**
 * Returns an {@link OrRequestMatcher} that contains all the different URLs configured throughout the Service
 * Provider configuration.
 *
 * @return
 */
public RequestMatcher getRequestMatcher() {
    return new OrRequestMatcher(requestMatchers(defaultFailureURL, ssoProcessingURL, ssoHoKProcessingURL, discoveryProcessingURL,
            idpSelectionPageURL, ssoLoginURL, metadataURL, defaultTargetURL, logoutURL, singleLogoutURL));
}