Java Code Examples for org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository

The following examples show how to use org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: template-spring-boot-oauth2-wso2-is   Source File: App.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void configure(HttpSecurity http) throws Exception {
	http.antMatcher("/**")
		.authorizeRequests()
			.antMatchers("/", "/health", "/login**", "/webjars/**").permitAll()
			.anyRequest().authenticated()
		.and().logout().logoutSuccessUrl("/").permitAll()
		.and().csrf().csrfTokenRepository(new HttpSessionCsrfTokenRepository());
}
 
Example 2
Source Project: alf.io   Source File: WebSecurityConfig.java    License: GNU General Public License v3.0 5 votes vote down vote up
@Bean
public CsrfTokenRepository getCsrfTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setSessionAttributeName(CSRF_SESSION_ATTRIBUTE);
    repository.setParameterName(CSRF_PARAM_NAME);
    return repository;
}
 
Example 3
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example 4
Source Project: blackduck-alert   Source File: HomeController.java    License: Apache License 2.0 4 votes vote down vote up
@Autowired
public HomeController(HttpSessionCsrfTokenRepository csrfTokenRepository, SAMLContext samlContext, ResponseFactory responseFactory) {
    this.csrfTokenRespository = csrfTokenRepository;
    this.samlContext = samlContext;
    this.responseFactory = responseFactory;
}
 
Example 5
Source Project: blackduck-alert   Source File: ApplicationConfiguration.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
public HttpSessionCsrfTokenRepository csrfTokenRepository() {
    return new HttpSessionCsrfTokenRepository();
}
 
Example 6
Source Project: Insights   Source File: AuthenticationUtils.java    License: Apache License 2.0 4 votes vote down vote up
public CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName(AuthenticationUtils.CSRF_COOKIE_NAME);
	return repository;
}
 
Example 7
Source Project: jump-the-queue   Source File: WebSecurityBeansConfig.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * This method provides a new instance of {@code CsrfTokenRepository}
 *
 * @return the newly created {@code CsrfTokenRepository}
 */
@Bean
public CsrfTokenRepository csrfTokenRepository() {

  return new HttpSessionCsrfTokenRepository();
}
 
Example 8
private CsrfTokenRepository csrfTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setHeaderName("X-XSRF-TOKEN");
    return repository;
}
 
Example 9
Source Project: building-microservices   Source File: SsoUiApplication.java    License: Apache License 2.0 4 votes vote down vote up
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example 10
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example 11
private CsrfTokenRepository csrfTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName("X-XSRF-TOKEN");
	return repository;
}
 
Example 12
Source Project: moserp   Source File: OAuthConfiguration.java    License: Apache License 2.0 2 votes vote down vote up
/**
 * Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
 * rather than the default "X-CSRF-TOKEN" that Spring security expects.
 * Hence we are now telling Spring security to expect the token in the
 * "X-XSRF-TOKEN" header.<br><br>
 *
 * This customization is added to the <code>csrf()</code> filter.
 *
 * @return
 */
private CsrfTokenRepository getCSRFTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
    return repository;
}
 
Example 13
/**
 * Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
 * rather than the default "X-CSRF-TOKEN" that Spring security expects.
 * Hence we are now telling Spring security to expect the token in the
 * "X-XSRF-TOKEN" header.<br><br>
 * 
 * This customization is added to the <code>csrf()</code> filter.
 * 
 * @return
 */
private CsrfTokenRepository getCSRFTokenRepository() {
	HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
	repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
	return repository;
}