Java Code Examples for org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer

The following examples show how to use org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http.authorizeRequests();
    if (securityProperties.isEnabled()) {
        registry = configureWhiteListAuthentication(registry, true);
        if (AuthenticationType.lOCAL.getCode().equalsIgnoreCase(securityProperties.getAuthenticationProvider())) {
            configureLocalAuthentication(registry);
        } else if (AuthenticationType.CAS.getCode().equalsIgnoreCase(securityProperties.getAuthenticationProvider())) {
            configureCasAuthentication(registry);
        } else if (AuthenticationType.PLATFORM_AUTH.getCode().equalsIgnoreCase(securityProperties.getAuthenticationProvider())) {
            configurePlatformAuthentication(registry);
        } else {
            throw new CmdbException("Unsupported authentication-provider: " + securityProperties.getAuthenticationProvider());
        }
    } else {
        registry = configureWhiteListAuthentication(registry, false);
        configurePrivacyFreeAuthentication(registry);
    }
}
 
Example 2
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
protected void configureLocalAuthentication(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) throws Exception {
    registry.antMatchers("/login-with-password*").permitAll()
            .antMatchers("/logout*").permitAll()
            .antMatchers("/ui/v2/**").permitAll()
            .antMatchers("/maintain/**").permitAll()
            .anyRequest().authenticated()
        .and()
            .formLogin()
            .loginPage("/login-with-password.html")
            .loginProcessingUrl("/login-with-password")
            .defaultSuccessUrl("/index.html")
            .failureUrl("/login-with-password.html?error=true")
        .and()
            .logout()
            .logoutUrl("/logout")
            .deleteCookies("JSESSIONID")
            .logoutSuccessUrl("/login-with-password.html")
        .and()
            .csrf()
            .disable();
}
 
Example 3
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
protected void configurePrivacyFreeAuthentication(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) throws Exception {
    registry.antMatchers("/login-privacy-free*").permitAll()
            .antMatchers("/logout*").permitAll()
            .antMatchers("/ui/v2/**").permitAll()
            .antMatchers("/maintain/**").permitAll()
            .anyRequest().authenticated()
        .and()
            .formLogin()
            .loginPage("/login-privacy-free.html")
            .loginProcessingUrl("/login-privacy-free")
            .defaultSuccessUrl("/index.html")
            .failureUrl("/login-privacy-free.html?error=true")
        .and()
            .logout()
            .logoutUrl("/logout")
            .deleteCookies("JSESSIONID")
            .logoutSuccessUrl("/login-privacy-free.html")
        .and()
            .csrf()
            .disable();
}
 
Example 4
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
protected ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry configureWhiteListAuthentication(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry,
        boolean checkRequired) throws Exception {
    List<String> convertedList = new ArrayList<String>();
    if (checkRequired) {
        if (StringUtils.isNotBlank(securityProperties.getWhitelistIpAddress())) {
            List<String> whiteListIpAddress = Arrays.asList(securityProperties.getWhitelistIpAddress().split(","));
            for (String ipAddress : whiteListIpAddress) {
                convertedList.add(String.format("hasIpAddress('%s')", ipAddress));
            }

            return registry.antMatchers("/**")
                    .access(StringUtils.join(convertedList, " or "));
        }
    } else {
        return registry.antMatchers("/**").permitAll();
    }
    return registry;
}
 
Example 5
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
protected ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry configurePlatformAuthentication(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) throws Exception {
    registry.antMatchers("/index.html").permitAll()
            .antMatchers("/swagger-ui.html/**", "/swagger-resources/**").permitAll()
            .antMatchers("/webjars/**").permitAll()
            .antMatchers("/v2/api-docs").permitAll()
            .antMatchers("/csrf").permitAll()
            .antMatchers("/**/*.png").permitAll()
            .antMatchers("/maintain/**").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .addFilter(jwtSsoBasedAuthenticationFilter())
            .csrf()
            .disable()
            .exceptionHandling()
            .authenticationEntryPoint(new Http401AuthenticationEntryPoint());
    return registry;
}
 
Example 6
Source Project: we-cmdb   Source File: SpringWebConfig.java    License: Apache License 2.0 6 votes vote down vote up
protected void configureCasAuthentication(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) throws Exception {
    registry.and()
            .exceptionHandling()
            .authenticationEntryPoint(casAuthenticationEntryPoint())
            .and()
            .addFilter(casAuthenticationFilter())
            .addFilterBefore(logoutFilter(), LogoutFilter.class)
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .logout()
            .permitAll()
            .and()
            .csrf()
            .disable();
            //.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
 
Example 7
Source Project: Milkomeda   Source File: WebSecurityConfig.java    License: MIT License 6 votes vote down vote up
@Override
protected void additionalConfigure(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry urlRegistry, HttpSecurity http) throws Exception {
    // 允许其它测试模块访问
    urlRegistry
            .antMatchers("/collect/**").permitAll()
            .antMatchers("/echo/**").permitAll()
            .antMatchers("/test/**").permitAll()
            .antMatchers("/order/**").permitAll()
            .antMatchers("/particle/**").permitAll()
            .antMatchers("/pay/**").permitAll()
            .antMatchers("/user/**").permitAll()
            .antMatchers("/ice/**").permitAll()
            .antMatchers("/job/**").permitAll()
            .antMatchers("/neutron/**").permitAll()
            .antMatchers("/moon/**").permitAll()
            .antMatchers("/fusion/**").permitAll()
            .antMatchers("/halo/**").permitAll()
            .antMatchers("/hydrogen/**").permitAll()
            .antMatchers("/audit/**").permitAll()
            .antMatchers("/seckill/**").permitAll()
            .antMatchers("/sundial/**").permitAll();
}
 
Example 8
@Override
public void configure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl authorizedUrl = setHttp(http)
            .authorizeRequests()
            .antMatchers(securityProperties.getIgnore().getUrls()).permitAll()
            .antMatchers(HttpMethod.OPTIONS).permitAll()
            .anyRequest();
    setAuthenticate(authorizedUrl);

    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
                .httpBasic().disable()
                .headers()
                .frameOptions().disable()
            .and()
                .csrf().disable();
}
 
Example 9
@Override
@SneakyThrows
public void configure(HttpSecurity httpSecurity) {
    //允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
    httpSecurity.headers().frameOptions().disable();
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>
            .ExpressionInterceptUrlRegistry registry = httpSecurity
            .authorizeRequests();

    registry.antMatchers(HttpMethod.OPTIONS, "/**").permitAll();
    //对配置的url放行 不进行验证
    ignorePropertiesConfig.getUrls()
            .forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest().authenticated()
            .and().csrf().disable();
}
 
Example 10
@Override
@SneakyThrows
public void configure(HttpSecurity httpSecurity) {
    //允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
    httpSecurity.headers().frameOptions().disable();
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>
            .ExpressionInterceptUrlRegistry registry = httpSecurity
            .authorizeRequests();

    registry.antMatchers(HttpMethod.OPTIONS, "/**").permitAll();
    //对配置的url放行 不进行验证
    ignorePropertiesConfig.getUrls()
            .forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest().authenticated()
            .and().csrf().disable();
}
 
Example 11
Source Project: fw-cloud-framework   Source File: FwResourceServerConfiguration.java    License: MIT License 6 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
	ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http.formLogin()
			// 可以通过授权登录进行访问
			.loginPage("/auth/login")
			.loginProcessingUrl("/auth/signin")
			.and()
			.authorizeRequests();

	for (String url : fwUrlsConfiguration.getCollects()) {
		registry.antMatchers(url)
				.permitAll();
	}

	registry.anyRequest()
			.authenticated()
			.and()
			.csrf()
			.disable();
	http.apply(ajaxSecurityConfigurer);
}
 
Example 12
Source Project: lolibox   Source File: SecurityConfig.java    License: Apache License 2.0 6 votes vote down vote up
@Override
    protected void configure(HttpSecurity http) throws Exception {
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http.authorizeRequests();
        registry.antMatchers("/admin/**").hasAuthority(Role.ADMIN.toString())
                .antMatchers("/image/**").permitAll()
//                .antMatchers("/webjars/**").permitAll()
//                .antMatchers("/js/**").permitAll()
//                .antMatchers("/css/**").permitAll()
//                .antMatchers("/img/**").permitAll()

                .and().formLogin().loginPage("/signin").defaultSuccessUrl("/").permitAll()
                .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll()
                .and().csrf().ignoringAntMatchers("/admin/**"/*,"/oauth*//**"*/);

        http.headers().frameOptions().disable().and()
                .rememberMe().tokenRepository(reMemberMeRepository);

    }
 
Example 13
/**
 * 默认的配置,对外暴露
 *
 * @param http
 * @throws Exception
 */
@Override
public void configure(HttpSecurity http) throws Exception{
	//允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
	http.headers().frameOptions().disable();
	ExpressionUrlAuthorizationConfigurer<HttpSecurity>
		.ExpressionInterceptUrlRegistry registry = http
		.authorizeRequests();
	filterIgnorePropertiesConfig.getUrls()
		.forEach(url -> registry.antMatchers(url).permitAll());
	registry.anyRequest().authenticated()
		.and().csrf().disable();
}
 
Example 14
Source Project: Milkomeda   Source File: CrustConfigurerAdapter.java    License: MIT License 5 votes vote down vote up
/**
 * 预设置添加允许访问路径
 *
 * @param http HttpSecurity
 * @throws Exception 配置异常
 */
protected void presetConfigure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry urlRegistry =
            http.authorizeRequests()
                    // 跨域预检请求
                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                    // 登录
                    .antMatchers(props.getLoginUrl()).permitAll()
                    .antMatchers(props.getPermitURLs().toArray(new String[0])).permitAll();
    if (!CollectionUtils.isEmpty(props.getAdditionPermitUrls())) {
        urlRegistry.antMatchers(props.getAdditionPermitUrls().toArray(new String[0])).permitAll();
    }
    // 标记匿名访问
    Map<RequestMappingInfo, HandlerMethod> handlerMethodMap = applicationContext.getBean(RequestMappingHandlerMapping.class).getHandlerMethods();
    Set<String> anonUrls = new HashSet<>();
    for (Map.Entry<RequestMappingInfo, HandlerMethod> infoEntry : handlerMethodMap.entrySet()) {
        HandlerMethod handlerMethod = infoEntry.getValue();
        CrustAnon crustAnon = handlerMethod.getMethodAnnotation(CrustAnon.class);
        if (null != crustAnon) {
            anonUrls.addAll(infoEntry.getKey().getPatternsCondition().getPatterns());
        }
    }
    if (!CollectionUtils.isEmpty(anonUrls)) {
        urlRegistry.antMatchers(anonUrls.toArray(new String[0])).permitAll();
    }

    // 自定义额外允许路径
    additionalConfigure(urlRegistry, http);
    // 其他所有请求需要身份认证
    urlRegistry.anyRequest().authenticated();
}
 
Example 15
Source Project: mall-swarm   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity
            .authorizeRequests();
    //不需要保护的资源路径允许访问
    for (String url : ignoreUrlsConfig().getUrls()) {
        registry.antMatchers(url).permitAll();
    }
    //允许跨域请求的OPTIONS请求
    registry.antMatchers(HttpMethod.OPTIONS)
            .permitAll();
    // 任何请求需要身份认证
    registry.and()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            // 关闭跨站请求防护及不使用session
            .and()
            .csrf()
            .disable()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            // 自定义权限拒绝处理类
            .and()
            .exceptionHandling()
            .accessDeniedHandler(restfulAccessDeniedHandler())
            .authenticationEntryPoint(restAuthenticationEntryPoint())
            // 自定义权限拦截器JWT过滤器
            .and()
            .addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
    //有动态权限配置时添加动态权限校验过滤器
    if(dynamicSecurityService!=null){
        registry.and().addFilterBefore(dynamicSecurityFilter(), FilterSecurityInterceptor.class);
    }
}
 
Example 16
@Override
@SneakyThrows
public void configure(HttpSecurity httpSecurity) {
    //允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
    httpSecurity.headers().frameOptions().disable();
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>
            .ExpressionInterceptUrlRegistry registry = httpSecurity
            .authorizeRequests();
    //对配置的url放行 不进行验证
    ignorePropertiesConfig.getUrls()
            .forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest().authenticated()
            .and().csrf().disable();
}
 
Example 17
/**
 * 默认资源服务器的配置
 * @param httpSecurity
 */
@Override
@SneakyThrows
public void configure(HttpSecurity httpSecurity) {
	httpSecurity.headers().frameOptions().disable();
	ExpressionUrlAuthorizationConfigurer<HttpSecurity>
			.ExpressionInterceptUrlRegistry registry = httpSecurity
			.authorizeRequests();
	//registry.antMatchers("/user/test").permitAll();
	permitAllUrlProperties.getIgnoreUrls()
			.forEach(url -> registry.antMatchers(url).permitAll());
	registry.anyRequest().authenticated()
			.and().csrf().disable();
}
 
Example 18
Source Project: freeacs   Source File: AbstractSecurityConfig.java    License: MIT License 5 votes vote down vote up
ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry conditionalUseFileAuth(
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests) {
    if (!fileAuthUsed) {
        return authorizeRequests.antMatchers(contextPath + FileController.CTX_PATH + "/**").permitAll();
    }
    return authorizeRequests;
}
 
Example 19
Source Project: mall   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity
            .authorizeRequests();
    //不需要保护的资源路径允许访问
    for (String url : ignoreUrlsConfig().getUrls()) {
        registry.antMatchers(url).permitAll();
    }
    //允许跨域请求的OPTIONS请求
    registry.antMatchers(HttpMethod.OPTIONS)
            .permitAll();
    // 任何请求需要身份认证
    registry.and()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            // 关闭跨站请求防护及不使用session
            .and()
            .csrf()
            .disable()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            // 自定义权限拒绝处理类
            .and()
            .exceptionHandling()
            .accessDeniedHandler(restfulAccessDeniedHandler())
            .authenticationEntryPoint(restAuthenticationEntryPoint())
            // 自定义权限拦截器JWT过滤器
            .and()
            .addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
    //有动态权限配置时添加动态权限校验过滤器
    if(dynamicSecurityService!=null){
        registry.and().addFilterBefore(dynamicSecurityFilter(), FilterSecurityInterceptor.class);
    }
}
 
Example 20
Source Project: Taroco   Source File: ResourceServerConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
    //允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
    http.headers().frameOptions().disable();
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
            .authorizeRequests();
    oauth2Properties.getUrlPermitAll().forEach(url -> registry.antMatchers(url).permitAll());
    // 角色和权限的验证交给拦截器去做, 这里只判断是否登录
    registry.anyRequest()
            .access("@permissionService.hasPermission(request, authentication)");
}
 
Example 21
Source Project: Taroco   Source File: WebSecurityConfigration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry =
            http
                    // 默认的用户名密码认证器
                    .authenticationProvider(daoAuthenticationProvider())
                    .apply(mobileTokenAuthenticationSecurityConfigration)
                    .and()
                    .apply(smsCodeAuthenticationSecurityConfigration)
                    .and()
                    .addFilterAt(customAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
                    .formLogin().loginPage("/").permitAll()
                    .loginProcessingUrl("/login").permitAll()
                    .and().logout().logoutUrl("/logout").permitAll().logoutSuccessHandler(logoutSuccessHandler)
                    // 异常处理filter: ExceptionTranslationFilter
                    .and().exceptionHandling()
                    // 匿名用户访问无权限资源时的异常
                    //.authenticationEntryPoint(exceptionEntryPoint)
                    // 认证过的用户访问无权限资源时的异常
                    .accessDeniedHandler(accessDeniedHandler)
                    // 开启RememberMe
                    .and().rememberMe().key(RM_KEY).rememberMeServices(rememberMeServices())
                    .and().authorizeRequests();

    final List<String> urlPermitAll = oauth2Properties.getUrlPermitAll();
    urlPermitAll.forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest().authenticated().and().cors().and().csrf().disable();
}
 
Example 22
Source Project: pig   Source File: ResourceServerConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
    //允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
    http.headers().frameOptions().disable();
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
            .authorizeRequests();
    filterIgnorePropertiesConfig.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest()
            .access("@permissionService.hasPermission(request,authentication)");
}
 
Example 23
Source Project: pig   Source File: PigSecurityConfigurerAdapter.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry =
            http.formLogin().loginPage("/authentication/require")
                    .loginProcessingUrl("/authentication/form")
                    .and()
                    .authorizeRequests();
    filterIgnorePropertiesConfig.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
    registry.anyRequest().authenticated()
            .and()
            .csrf().disable();
    http.apply(mobileSecurityConfigurer);
}
 
Example 24
Source Project: fw-cloud-framework   Source File: ResourceServerConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
	// 首先进行验证码过滤逻辑
	http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class);
	// 允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
	http.headers().frameOptions().disable();
	ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
			.authorizeRequests();
	// 排除无需认证的请求
	for (String url : urlsConfiguration.getCollects()) {
		registry.antMatchers(url).permitAll();
	}
	// 通过切面进行验证 { @link PermissionService.hasPermission }
	registry.anyRequest().access("@permissionService.hasPermission(request,authentication)");
}
 
Example 25
Source Project: elucidate-server   Source File: AuthConfig.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(HttpSecurity http) throws Exception {
    ExpressionUrlAuthorizationConfigurer.AuthorizedUrl authorizationConfigurer = http
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .authorizeRequests()
        .anyRequest();

    if (authEnabled) {
        authorizationConfigurer.authenticated();
    } else {
        authorizationConfigurer.permitAll();
    }
}
 
Example 26
Source Project: openvidu   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {

	// Security for API REST
	ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry conf = http.cors().and()
			.csrf().disable().authorizeRequests()
			// /api
			.antMatchers("/api/**").authenticated()
			// /config
			.antMatchers(HttpMethod.GET, "/config/openvidu-publicurl").permitAll()
			.antMatchers(HttpMethod.GET, "/config/**").authenticated()
			// /cdr
			.antMatchers(HttpMethod.GET, "/cdr/**").authenticated()
			// /accept-certificate
			.antMatchers(HttpMethod.GET, "/accept-certificate").permitAll()
			// Dashboard
			.antMatchers(HttpMethod.GET, "/dashboard/**").authenticated();

	// Security for recording layouts
	conf.antMatchers("/layouts/**").authenticated();

	// Security for recorded video files
	if (openviduConf.getOpenViduRecordingPublicAccess()) {
		conf = conf.antMatchers("/recordings/**").permitAll();
	} else {
		conf = conf.antMatchers("/recordings/**").authenticated();
	}

	conf.and().httpBasic();
}
 
Example 27
@Override
protected void configureUrlAuthorization(
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry
        expressionInterceptUrlRegistry) {
  List<AccessDecisionVoter<?>> listOfVoters = new ArrayList<>();
  listOfVoters.add(new WebExpressionVoter());
  listOfVoters.add(molgenisAccessDecisionVoter());
  expressionInterceptUrlRegistry.accessDecisionManager(new AffirmativeBased(listOfVoters));

  expressionInterceptUrlRegistry.antMatchers("/").permitAll();
}
 
Example 28
@Override
public HttpSecurity setAuthenticate(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl authorizedUrl) {
    return authorizedUrl.access("@permissionService.hasPermission(request, authentication)").and();
}
 
Example 29
Source Project: freeacs   Source File: AbstractSecurityConfig.java    License: MIT License 4 votes vote down vote up
ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry allowHealthEndpoint(
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests) {
    return authorizeRequests.antMatchers(contextPath + OKController.CTX_PATH).permitAll();
}
 
Example 30
private void registerWatchdogProvider(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry authorizeRequests) {
    Map<String, WatchdogUrlRegistryProvider> watchdogProviders = applicationContext.getBeansOfType(WatchdogUrlRegistryProvider.class);
    watchdogProviders.values().forEach(provider -> {
        provider.configure(authorizeRequests);
    });
}