org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository Java Examples

The following examples show how to use org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: App.java    From template-spring-boot-oauth2-wso2-is with Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
	http.antMatcher("/**")
		.authorizeRequests()
			.antMatchers("/", "/health", "/login**", "/webjars/**").permitAll()
			.anyRequest().authenticated()
		.and().logout().logoutSuccessUrl("/").permitAll()
		.and().csrf().csrfTokenRepository(new HttpSessionCsrfTokenRepository());
}
 
Example #2
Source File: WebSecurityConfig.java    From alf.io with GNU General Public License v3.0 5 votes vote down vote up
@Bean
public CsrfTokenRepository getCsrfTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setSessionAttributeName(CSRF_SESSION_ATTRIBUTE);
    repository.setParameterName(CSRF_PARAM_NAME);
    return repository;
}
 
Example #3
Source File: UnieapSecurityConfig.java    From open-capacity-platform with Apache License 2.0 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example #4
Source File: HomeController.java    From blackduck-alert with Apache License 2.0 4 votes vote down vote up
@Autowired
public HomeController(HttpSessionCsrfTokenRepository csrfTokenRepository, SAMLContext samlContext, ResponseFactory responseFactory) {
    this.csrfTokenRespository = csrfTokenRepository;
    this.samlContext = samlContext;
    this.responseFactory = responseFactory;
}
 
Example #5
Source File: ApplicationConfiguration.java    From blackduck-alert with Apache License 2.0 4 votes vote down vote up
@Bean
public HttpSessionCsrfTokenRepository csrfTokenRepository() {
    return new HttpSessionCsrfTokenRepository();
}
 
Example #6
Source File: AuthenticationUtils.java    From Insights with Apache License 2.0 4 votes vote down vote up
public CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName(AuthenticationUtils.CSRF_COOKIE_NAME);
	return repository;
}
 
Example #7
Source File: WebSecurityBeansConfig.java    From jump-the-queue with Apache License 2.0 4 votes vote down vote up
/**
 * This method provides a new instance of {@code CsrfTokenRepository}
 *
 * @return the newly created {@code CsrfTokenRepository}
 */
@Bean
public CsrfTokenRepository csrfTokenRepository() {

  return new HttpSessionCsrfTokenRepository();
}
 
Example #8
Source File: PlatformSecurityConfiguration.java    From abixen-platform with GNU Lesser General Public License v2.1 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setHeaderName("X-XSRF-TOKEN");
    return repository;
}
 
Example #9
Source File: SsoUiApplication.java    From building-microservices with Apache License 2.0 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example #10
Source File: PolymerDemoSpringSessionConfig.java    From spring-polymer-demo with Artistic License 2.0 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example #11
Source File: PolymerDemoOAuthConfig.java    From spring-polymer-demo with Artistic License 2.0 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example #12
Source File: OAuthConfiguration.java    From moserp with Apache License 2.0 2 votes vote down vote up
/**
 * Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
 * rather than the default "X-CSRF-TOKEN" that Spring security expects.
 * Hence we are now telling Spring security to expect the token in the
 * "X-XSRF-TOKEN" header.<br><br>
 *
 * This customization is added to the <code>csrf()</code> filter.
 *
 * @return
 */
private CsrfTokenRepository getCSRFTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
    return repository;
}
 
Example #13
Source File: OAuthConfiguration.java    From spring-boot-microservices with Apache License 2.0 2 votes vote down vote up
/**
 * Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
 * rather than the default "X-CSRF-TOKEN" that Spring security expects.
 * Hence we are now telling Spring security to expect the token in the
 * "X-XSRF-TOKEN" header.<br><br>
 * 
 * This customization is added to the <code>csrf()</code> filter.
 * 
 * @return
 */
private CsrfTokenRepository getCSRFTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
	return repository;
}