org.springframework.security.web.authentication.HttpStatusEntryPoint Java Examples
The following examples show how to use
org.springframework.security.web.authentication.HttpStatusEntryPoint.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SpringSecurityConfiguration.java From crnk-example with Apache License 2.0 | 6 votes |
@Override protected void configure(HttpSecurity http) throws Exception { // consider moving to stateless and handle token on Angular side if (properties.isSecurityEnabled()) { // @formatter:off http .antMatcher("/**").authorizeRequests() .antMatchers("/", "/favicon.ico", "/assets/**", "/login**", "/styles**", "/inline**", "/polyfills**", "/scripts***", "/main**" ).permitAll() .anyRequest().authenticated() .and().logout().logoutSuccessUrl("/").permitAll() .and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) .and().exceptionHandling().authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)) // .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and().addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on } else { http.authorizeRequests().antMatchers("/**").permitAll(); http.csrf().disable(); } }
Example #2
Source File: MavenExtension.java From spring-cloud-deployer with Apache License 2.0 | 6 votes |
@Override protected void configure(HttpSecurity http) throws Exception { // We add basic auth for /preemptive so server returns 403 as // exception handling is changed to force 403. // normal maven behaviour is that it needs 401 to continue with a challenge. // This is where preemptive auth takes place as client should send auth // with every request. http .antMatcher("/preemptive/**") .authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().hasRole("USER") ) .httpBasic() .and() .exceptionHandling() .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN)); }
Example #3
Source File: BaseApiSecurityConfig.java From spring-boot-doma2-sample with Apache License 2.0 | 5 votes |
@Override protected void configure(HttpSecurity http) throws Exception { http.antMatcher(API_BASE_URL) // すべてのリクエストに認証をかける .authorizeRequests().anyRequest().authenticated() // Basic認証をかける .and().httpBasic().authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)) // CSRFチェックをしない .and().csrf().disable(); }
Example #4
Source File: SecurityConfig.java From eds-starter6-jpa with Apache License 2.0 | 5 votes |
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http //.headers() //.frameOptions().sameOrigin() // .and() .authorizeRequests() .antMatchers("/index.html", "/csrf", "/", "/router").permitAll() .antMatchers("/info", "/health").permitAll() .anyRequest().authenticated() .and() .rememberMe() .rememberMeServices(this.rememberMeServices) .key(this.appProperties.getRemembermeCookieKey()) .and() .formLogin() .successHandler(this.authenticationSuccessHandler) .failureHandler(new JsonAuthFailureHandler()) .permitAll() .and() .logout() .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()) .deleteCookies("JSESSIONID") .permitAll() .and() .exceptionHandling() .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); // @formatter:on }
Example #5
Source File: SecurityConfig.java From securing-rest-api-spring-security with Apache License 2.0 | 4 votes |
@Bean AuthenticationEntryPoint forbiddenEntryPoint() { return new HttpStatusEntryPoint(FORBIDDEN); }
Example #6
Source File: CustomOAuth2SsoWithAuthenticationEntryPointConfigurationTests.java From spring-security-oauth2-boot with Apache License 2.0 | 4 votes |
@Override public void configure(HttpSecurity http) throws Exception { http.antMatcher("/ui/**").authorizeRequests().antMatchers("/ui/test").permitAll().anyRequest() .authenticated().and().exceptionHandling() .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)); }
Example #7
Source File: WebSecurityConfigJWT.java From quartz-manager with Apache License 2.0 | 4 votes |
@Bean public AuthenticationEntryPoint restAuthEntryPoint() { return new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED); }