/**
 * Filter chain for everything under {@code /jwt/**}.
 *
 * The chain never creates an HTTP session, so the JWT presented on each
 * request (wired in by {@code jwt()}) is the only thing that authenticates a
 * call. CSRF is switched off for the same reason: there is no session cookie
 * for a forged cross-site request to ride on. Unauthenticated callers receive
 * a bare 403 rather than a redirect to the sign-in page.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.apply(jwt());

    http.antMatcher("/jwt/**")
        .csrf().disable()
        .authorizeRequests()
            .antMatchers("/jwt/one").access("hasRole('ONE')")
            .antMatchers("/jwt/two").access("hasRole('TWO')")
            .anyRequest().authenticated()
            .and()
        // The sign-in page is only registered as a permitted URL; the 403
        // entry point below means nobody is redirected to it.
        .formLogin()
            .loginPage("/jwt/signIn")
            .successHandler(new NoRedirectAuthenticationSuccessHandler())
            .permitAll()
            .and()
        .logout()
            .logoutUrl("/jwt/signOut")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Base REST chain: stateless, CSRF-free, token authenticated.
 *
 * Concrete subclasses contribute the URL-to-authority mapping through
 * {@code setupAuthorization}; this method only fixes the parts that are the
 * same for every stateless API chain.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // No session is ever created, so there is no session cookie for CSRF to
    // protect; the token on each request is the whole credential.
    http.csrf().disable();
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

    // An unauthenticated request gets a plain 403, never a login redirect.
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());

    // NOTE(review): the subclass should close its registry with a catch-all
    // such as anyRequest().authenticated(); a URL that matches none of its
    // rules carries no access decision and is let through by default.
    setupAuthorization(http);

    // The JWT filter runs ahead of the username/password filter so a bearer
    // token is resolved before any form-login processing.
    http.addFilterBefore(jsonWebTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
/**
 * Builds the stateless filter chain: which resources need an authenticated
 * caller, which are open, and the two token filters (JWT and OAuth2) that
 * establish the caller's identity.
 *
 * @param httpSecurity the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    // Token based throughout: no HTTP session is created, and the CSRF token
    // mechanism (which depends on a session) is switched off.
    httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    httpSecurity.csrf().disable();

    // NOTE(review): this removes the X-Frame-Options header altogether, which
    // drops the clickjacking protection Spring applies by default. If framing
    // is only needed from this site, sameOrigin() is the narrower setting.
    httpSecurity.headers().frameOptions().disable();

    // Open endpoints: login, the abilities listing and the JSONDoc API docs.
    // Everything else needs an authenticated principal.
    httpSecurity.antMatcher("/**").authorizeRequests()
        .antMatchers("/login/**").permitAll()
        .antMatchers("/abilities/**").permitAll()
        .antMatchers("/jsondoc/**").permitAll()
        .antMatchers("/jsondoc-ui.html").permitAll()
        .antMatchers("/webjars/jsondoc-ui-webjar/**").permitAll()
        .anyRequest().authenticated();

    // Unauthenticated callers get a bare 403 instead of a login redirect.
    httpSecurity.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());

    // Identity filters: JWT ahead of form login, OAuth2 ahead of basic auth.
    httpSecurity.addFilterBefore(statelessJwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
    httpSecurity.addFilterBefore(createOAuth2Filter(), BasicAuthenticationFilter.class);
}
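/**
 * Stateless API chain: a JSON username/password login filter, an API-token
 * filter behind it, and role-based authorization.
 *
 * The path patterns used to be prefixed with {@code servletContext.getContextPath()}.
 * Spring Security's ant matchers compare against the servlet path plus path
 * info, which by the servlet contract never includes the context path, so
 * under a non-root context path none of those rules could match and the
 * requests carried no access decision at all. The patterns are now written
 * context-relative; for a root deployment (empty context path) they are
 * byte-for-byte what they were before.
 *
 * @param httpSecurity the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(final HttpSecurity httpSecurity) throws Exception {
    httpSecurity
        // No session is created, so there is no session cookie for CSRF to protect.
        .csrf().disable()
        // JSON-body login first, then the API token filter right after it.
        .addFilter(jSONUsernamePasswordAuthenticationFilter)
        .addFilterAfter(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        // Unauthenticated callers get a bare 403 rather than a login redirect.
        .exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint())
        .and()
        .authorizeRequests()
            // Login endpoints and the Swagger login page assets are open.
            .antMatchers("/auth/login", "/swagger/login", "/swagger/jquery.min.js").permitAll()
            // Single-segment top-level paths and the Swagger UI are admin-only.
            .antMatchers("/*", "/swagger/**").hasRole("ADMIN")
            // Everything else is the API, open to any authenticated role;
            // "/**" matches every remaining request, so no anyRequest() is needed.
            .antMatchers("/**").hasAnyRole("USER", "ADMIN");
}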
/**
 * Filter chain for everything under {@code /stormpath/**}.
 *
 * Session-based; CSRF is disabled, login and logout answer with a status
 * code instead of a redirect, and an unauthenticated request is refused
 * with a bare 403 rather than being sent to the sign-in page.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    final NoRedirectAuthenticationSuccessHandler onLogin = new NoRedirectAuthenticationSuccessHandler();
    final HttpStatusReturningLogoutSuccessHandler onLogout = new HttpStatusReturningLogoutSuccessHandler();

    http.antMatcher("/stormpath/**");

    // NOTE(review): this chain does use sessions, so disabling CSRF leaves the
    // sign-in, sign-out and resource endpoints callable cross-site; confirm
    // that is intended for this chain.
    http.csrf().disable();

    http.authorizeRequests()
        .antMatchers("/stormpath/one").access("hasRole('ONE')")
        .antMatchers("/stormpath/two").access("hasRole('TWO')")
        .anyRequest().authenticated();

    http.formLogin()
        .successHandler(onLogin)
        .loginPage("/stormpath/signIn")
        .permitAll();

    http.logout()
        .logoutUrl("/stormpath/signOut")
        .logoutSuccessHandler(onLogout);

    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Filter chain for everything under {@code /all/**}, with the JWT configurer
 * applied on top of form login.
 *
 * CSRF is disabled, login and logout answer with a status code instead of a
 * redirect, and an unauthenticated request gets a bare 403.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.apply(jwt());

    http.antMatcher("/all/**")
        .csrf().disable()
        .authorizeRequests()
            .antMatchers("/all/one").access("hasRole('ONE')")
            .antMatchers("/all/two").access("hasRole('TWO')")
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/all/signIn")
            .successHandler(new NoRedirectAuthenticationSuccessHandler())
            .permitAll()
            .and()
        .logout()
            .logoutUrl("/all/signOut")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Filter chain for everything under {@code /all/**} (form login only).
 *
 * CSRF is disabled, login and logout answer with a status code instead of a
 * redirect, and an unauthenticated request gets a bare 403.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    final NoRedirectAuthenticationSuccessHandler onLogin = new NoRedirectAuthenticationSuccessHandler();
    final HttpStatusReturningLogoutSuccessHandler onLogout = new HttpStatusReturningLogoutSuccessHandler();
    final Http403ForbiddenEntryPoint forbidden = new Http403ForbiddenEntryPoint();

    http.antMatcher("/all/**");
    http.csrf().disable();

    // Role-gated resources, then a catch-all that fails closed.
    http.authorizeRequests()
        .antMatchers("/all/one").access("hasRole('ONE')")
        .antMatchers("/all/two").access("hasRole('TWO')")
        .anyRequest().authenticated();

    http.formLogin()
        .successHandler(onLogin)
        .loginPage("/all/signIn")
        .permitAll();

    http.logout()
        .logoutUrl("/all/signOut")
        .logoutSuccessHandler(onLogout);

    http.exceptionHandling().authenticationEntryPoint(forbidden);
}
/**
 * Filter chain for everything under {@code /normal/**}: every request must
 * be authenticated, login/logout reply with a status code, unauthenticated
 * requests get a bare 403, and CSRF is disabled.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/normal/**")
        .csrf().disable()
        .authorizeRequests()
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/normal/signIn")
            .successHandler(new NoRedirectAuthenticationSuccessHandler())
            .permitAll()
            .and()
        .logout()
            .logoutUrl("/normal/signOut")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Stateless filter chain for everything under {@code /jwt/**}.
 *
 * No HTTP session is created; CSRF is disabled on that basis. Login and
 * logout reply with a status code, and an unauthenticated request gets a
 * bare 403 instead of a redirect to the sign-in page.
 *
 * NOTE(review): with STATELESS and no token configurer visible in this
 * method, nothing here carries the authenticated state from the sign-in
 * response to the next request. Presumably the JWT configurer is applied
 * elsewhere (a sibling chain does {@code http.apply(jwt())}); confirm.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    final NoRedirectAuthenticationSuccessHandler onLogin = new NoRedirectAuthenticationSuccessHandler();
    final HttpStatusReturningLogoutSuccessHandler onLogout = new HttpStatusReturningLogoutSuccessHandler();

    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.antMatcher("/jwt/**");
    http.csrf().disable();

    http.authorizeRequests()
        .antMatchers("/jwt/one").access("hasRole('ONE')")
        .antMatchers("/jwt/two").access("hasRole('TWO')")
        .anyRequest().authenticated();

    http.formLogin()
        .successHandler(onLogin)
        .loginPage("/jwt/signIn")
        .permitAll();

    http.logout()
        .logoutUrl("/jwt/signOut")
        .logoutSuccessHandler(onLogout);

    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Filter chain for everything under {@code /custom/**}, with the JWT
 * configurer applied: every request must be authenticated, login/logout
 * reply with a status code, unauthenticated requests get a bare 403, and
 * CSRF is disabled.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.apply(jwt());

    http.antMatcher("/custom/**")
        .csrf().disable()
        .authorizeRequests()
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/custom/signIn")
            .successHandler(new NoRedirectAuthenticationSuccessHandler())
            .permitAll()
            .and()
        .logout()
            .logoutUrl("/custom/signOut")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
/**
 * Filter chain for everything under {@code /custom/**} (form login only):
 * every request must be authenticated, login/logout reply with a status
 * code, unauthenticated requests get a bare 403, and CSRF is disabled.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected final void configure(HttpSecurity http) throws Exception {
    final NoRedirectAuthenticationSuccessHandler onLogin = new NoRedirectAuthenticationSuccessHandler();
    final HttpStatusReturningLogoutSuccessHandler onLogout = new HttpStatusReturningLogoutSuccessHandler();
    final Http403ForbiddenEntryPoint forbidden = new Http403ForbiddenEntryPoint();

    http.antMatcher("/custom/**");
    http.csrf().disable();
    http.authorizeRequests().anyRequest().authenticated();

    http.formLogin()
        .successHandler(onLogin)
        .loginPage("/custom/signIn")
        .permitAll();

    http.logout()
        .logoutUrl("/custom/signOut")
        .logoutSuccessHandler(onLogout);

    http.exceptionHandling().authenticationEntryPoint(forbidden);
}
/**
 * Stateless API chain authenticated by {@code authenticationFilter()}.
 *
 * No session, no CSRF token, a bare 403 for unauthenticated requests.
 * Static front-end assets, the public API and user self-registration are
 * reachable without credentials; everything else requires authentication.
 *
 * @param httpSecurity the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity.csrf().disable();
    httpSecurity.headers().cacheControl();
    httpSecurity.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
    httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    httpSecurity.addFilterBefore(authenticationFilter(), UsernamePasswordAuthenticationFilter.class);

    httpSecurity.authorizeRequests()
        // Static assets are matched by suffix anywhere in the tree.
        // NOTE(review): these suffix patterns also cover paths such as
        // /api/anything.js; confirm no protected endpoint ends that way.
        .antMatchers("/favicon.ico", "/**/*.html", "/**/*.css", "/**/*.js", "/**/*.gif").permitAll()
        // Public API and self-registration (POST only).
        .antMatchers("/api/public/**").permitAll()
        .antMatchers(HttpMethod.POST, "/api/users").permitAll()
        .anyRequest().authenticated();
}
/**
 * Container pre-authenticated (CAS / J2EE) chain.
 *
 * The servlet container has already authenticated the caller; this chain
 * only resolves the principal's details through the
 * {@code peticionamentoUserDetailService} bean, which must be present.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder, or the
 *         {@code SingularServerException} raised when the user-details bean
 *         is absent
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // Fail fast, with a message naming the missing bean, if the user-details
    // service was not declared.
    UserDetailsService userDetails = peticionamentoUserDetailService.orElseThrow(() -> SingularServerException.rethrow(
            String.format("Bean %s do tipo %s não pode ser nulo. Para utilizar a configuração de segurança %s é preciso declarar um bean do tipo %s identificado pelo nome %s .",
                    UserDetailsService.class.getName(),
                    "peticionamentoUserDetailService",
                    SingularCASSpringSecurityConfig.class.getName(),
                    UserDetailsService.class.getName(),
                    "peticionamentoUserDetailService")));

    PreAuthenticatedAuthenticationProvider preAuthProvider = new PreAuthenticatedAuthenticationProvider();
    preAuthProvider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper<>(userDetails));

    ProviderManager authenticationManager =
            new ProviderManager(Arrays.<AuthenticationProvider>asList(preAuthProvider));

    J2eePreAuthenticatedProcessingFilter containerPreAuthFilter = new J2eePreAuthenticatedProcessingFilter();
    containerPreAuthFilter.setAuthenticationManager(authenticationManager);

    http.regexMatcher(getContext().getPathRegex());
    // Basic auth stays enabled, but a missing credential yields a bare 403
    // instead of a WWW-Authenticate challenge.
    http.httpBasic().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
    http.csrf().disable();
    http.headers().frameOptions().sameOrigin();
    http.jee().j2eePreAuthenticatedProcessingFilter(containerPreAuthFilter);

    // NOTE(review): only the context path itself carries an access rule. A
    // request matched by the regex above but not by this pattern gets no
    // authorization decision; confirm that is intended, or close the
    // registry with anyRequest().authenticated().
    http.authorizeRequests().antMatchers(getContext().getContextPath()).authenticated();
}
/**
 * Stateless JWT chain with a Facebook SSO login at {@code /login/facebook}.
 *
 * Builds the filter chain: the open {@code /login/**} endpoints, the
 * authenticated remainder, the 403 entry point, and the JWT and SSO filters
 * that establish identity.
 *
 * @param httpSecurity the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    // No session and no CSRF token: the JWT on each request is the credential.
    // Session id rewriting into URLs is also switched off so an id can never
    // leak through a link or a referrer.
    httpSecurity.csrf().disable();
    httpSecurity.sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .enableSessionUrlRewriting(false);

    httpSecurity.antMatcher("/**").authorizeRequests()
        .antMatchers("/login/**").permitAll()
        .anyRequest().authenticated();

    // Unauthenticated callers get a bare 403 instead of a login redirect.
    httpSecurity.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());

    httpSecurity.addFilterBefore(statelessJwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
    httpSecurity.addFilterBefore(
            createSsoFilter(facebook(), facebookSuccessHandler(), "/login/facebook"),
            BasicAuthenticationFilter.class);
}
/**
 * Web + API chain for the Find application.
 *
 * API callers that are not authenticated get a bare 403; browser traffic is
 * sent to the login page. Authorization is by role and fails closed: any URL
 * not listed is refused.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // Ordered: the first matcher that fits the request picks the entry point.
    final LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPointsByPath = new LinkedHashMap<>();
    entryPointsByPath.put(new AntPathRequestMatcher("/api/**"), new Http403ForbiddenEntryPoint());
    entryPointsByPath.put(AnyRequestMatcher.INSTANCE, new LoginUrlAuthenticationEntryPoint(FindController.DEFAULT_LOGIN_PAGE));

    // NOTE(review): this chain is session based (login page, logout), so
    // disabling CSRF leaves state-changing requests and GET /logout callable
    // cross-site; confirm that is intended.
    http.csrf().disable();

    http.exceptionHandling()
        .authenticationEntryPoint(new DelegatingAuthenticationEntryPoint(entryPointsByPath))
        .accessDeniedPage("/authentication-error");

    http.logout()
        .logoutUrl("/logout")
        .logoutSuccessUrl(FindController.DEFAULT_LOGIN_PAGE);

    http.authorizeRequests()
        .antMatchers(FindController.APP_PATH + "/**").hasAnyRole(FindRole.USER.name())
        .antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
        .antMatchers("/api/public/**").hasRole(FindRole.USER.name())
        .antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
        .antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
        .antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
        .antMatchers(FindController.DEFAULT_LOGIN_PAGE).permitAll()
        .antMatchers(FindController.LOGIN_PATH).permitAll()
        .antMatchers("/").permitAll()
        .anyRequest().denyAll();

    // NOTE(review): defaultsDisabled() removes every default security header
    // (Cache-Control, X-Content-Type-Options, HSTS, X-XSS-Protection) and
    // only X-Frame-Options is re-added; confirm the others are not needed.
    http.headers()
        .defaultsDisabled()
        .frameOptions().sameOrigin();

    idolSecurityCustomizer.customize(http, authenticationManager());
}
/**
 * Entry point that answers an unauthenticated request with a bare 403
 * instead of starting an authentication flow; suited to API chains that
 * have no login page to redirect to.
 *
 * @return a {@link Http403ForbiddenEntryPoint} exposed as a bean
 */
@Bean
public Http403ForbiddenEntryPoint forbiddenEntryPoint() {
    final Http403ForbiddenEntryPoint entryPoint = new Http403ForbiddenEntryPoint();
    return entryPoint;
}
/**
 * Session-based web chain for the UI, plus an API-key pre-auth filter.
 *
 * Rules are evaluated top to bottom and the first match wins, so the public
 * SockJS info endpoint is listed before the rest of the websocket namespace.
 * Anything not listed is public ({@code /**} permitAll).
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    log.info("Init Security HTTP authorizations..");

    // Plain-text 403 on a failed login, no redirect.
    final AuthenticationFailureHandler badCredentials = new AuthenticationFailureHandler() {
        @Override
        public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                AuthenticationException exception) throws IOException, ServletException {
            response.getWriter().append("Bad credentials!");
            response.setStatus(HttpStatus.FORBIDDEN.value());
        }
    };

    // NOTE(review): CSRF is off although this chain issues a session and a
    // remember-me cookie, so the form login, logout and authenticated
    // endpoints are reachable cross-site; confirm that is intended.
    http.csrf().disable();

    http.authorizeRequests()
        .antMatchers("/assets/**").permitAll()
        .antMatchers("/core/identity/signIn/**").permitAll()
        .antMatchers("/core/identity/signUp/**").permitAll()
        .antMatchers("/core/websockets/info/**").permitAll()
        .antMatchers("/core/websockets/**").authenticated()
        .antMatchers("/core/bridges/**").authenticated()
        .antMatchers("/core/bulbs/**").authenticated()
        .antMatchers("/core/groups/**").authenticated()
        .antMatchers("/core/presets/**").authenticated()
        .antMatchers("/core/schedules/**").authenticated()
        .antMatchers("/manage/**").authenticated()
        // Default-open: the catch-all below makes the trailing anyRequest()
        // unreachable; it is kept as written.
        .antMatchers("/**").permitAll()
        .anyRequest().authenticated();

    http.logout()
        .logoutSuccessUrl("/")
        .logoutUrl("/logout")
        .permitAll();

    http.formLogin()
        .loginPage("/")
        .loginProcessingUrl("/login")
        .failureUrl("/")
        .failureHandler(badCredentials)
        .passwordParameter("password")
        .usernameParameter("email");

    http.rememberMe().userDetailsService(userService);

    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());

    // API-key authentication from the "Auth" request header, resolved through
    // the shared AuthenticationManager.
    PreAuthenticationProcessingFilter apiKeyFilter = new PreAuthenticationProcessingFilter();
    apiKeyFilter.setAuthenticationManager(authenticationManagerBean());
    http.addFilterBefore(apiKeyFilter, AbstractPreAuthenticatedProcessingFilter.class);
}
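/**
 * Session-based web chain for the UI, plus an API-key pre-auth filter, with
 * every request forced onto HTTPS.
 *
 * Fix: the {@code /core/websockets/info/**} permitAll rule was listed after
 * {@code /core/websockets/**}.authenticated(). Rules are evaluated top to
 * bottom and the first match wins, so that permitAll rule could never apply.
 * It is now placed first, matching the sibling configuration of this chain.
 *
 * @param http the builder for this filter chain
 * @throws Exception propagated from the Spring Security builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    log.info("Init Security HTTP authorizations..");

    http
        // NOTE(review): CSRF is off although this chain issues a session and
        // a remember-me cookie, so the form login, logout and authenticated
        // endpoints are reachable cross-site; confirm that is intended.
        .csrf().disable()
        .authorizeRequests()
            .antMatchers("/assets/**").permitAll()
            .antMatchers("/core/identity/signIn/**").permitAll()
            .antMatchers("/core/identity/signUp/**").permitAll()
            // More specific rule first: the SockJS info endpoint is public,
            // the rest of the websocket namespace is not.
            .antMatchers("/core/websockets/info/**").permitAll()
            .antMatchers("/core/websockets/**").authenticated()
            .antMatchers("/core/bridges/**").authenticated()
            .antMatchers("/core/bulbs/**").authenticated()
            .antMatchers("/core/groups/**").authenticated()
            .antMatchers("/core/presets/**").authenticated()
            .antMatchers("/core/schedules/**").authenticated()
            .antMatchers("/manage/**").authenticated()
            // Default-open: anything not listed above is public. The trailing
            // anyRequest() rule is kept as written but cannot be reached.
            .antMatchers("/**").permitAll()
            .anyRequest().authenticated()
            .and()
        .logout()
            .logoutSuccessUrl("/")
            .logoutUrl("/logout")
            .permitAll()
            .and()
        .formLogin()
            .loginPage("/")
            .loginProcessingUrl("/login")
            .failureUrl("/")
            .failureHandler(new AuthenticationFailureHandler() {
                @Override
                public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                        AuthenticationException exception) throws IOException, ServletException {
                    // Status before body: once the body is committed the
                    // status line can no longer be changed.
                    response.setStatus(HttpStatus.FORBIDDEN.value());
                    response.getWriter().append("Bad credentials!");
                }
            })
            .passwordParameter("password")
            .usernameParameter("email")
            .and()
        .rememberMe()
            .userDetailsService(userService)
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(new Http403ForbiddenEntryPoint())
            .and()
        // Every request must arrive over a secure channel.
        .requiresChannel().anyRequest().requiresSecure();

    // API-key authentication from the "Auth" request header, resolved through
    // the shared AuthenticationManager.
    PreAuthenticationProcessingFilter apiKeyFilter = new PreAuthenticationProcessingFilter();
    apiKeyFilter.setAuthenticationManager(authenticationManagerBean());
    http.addFilterBefore(apiKeyFilter, AbstractPreAuthenticatedProcessingFilter.class);
}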
/**
 * Entry point for REST chains: an unauthenticated request is answered with a
 * bare 403 rather than a redirect or a WWW-Authenticate challenge.
 *
 * @return an {@link AuthenticationEntryPoint} backed by {@link Http403ForbiddenEntryPoint}
 */
@Bean
public static AuthenticationEntryPoint restAuthenticationEntryPoint() {
    final AuthenticationEntryPoint forbidden = new Http403ForbiddenEntryPoint();
    return forbidden;
}
/**
 * Entry point used by the pre-authenticated processing filter: when no
 * pre-authenticated identity is present the request is refused with a bare
 * 403, as there is no login flow to start.
 *
 * @return the {@link Http403ForbiddenEntryPoint} bean named
 *         {@code preAuthenticatedProcessingFilterEntryPoint}
 */
@Bean(name = "preAuthenticatedProcessingFilterEntryPoint")
public Http403ForbiddenEntryPoint getHttp403ForbiddenEntryPoint() {
    final Http403ForbiddenEntryPoint entryPoint = new Http403ForbiddenEntryPoint();
    return entryPoint;
}