/**
 * Applies the header-related security properties to the given {@link HeadersConfigurer}.
 *
 * <p>HSTS is added as an explicit {@link HstsHeaderWriter} unless the property is {@code NONE};
 * {@code ALL} additionally covers subdomains, any other non-{@code NONE} value does not. The
 * remaining toggles (content-type, XSS, cache, frame) only ever <em>disable</em> a header that the
 * configurer enables by default.
 *
 * @param configurer the headers configurer to mutate
 * @param headers    the header properties to honour
 * @throws Exception propagated from the configurer
 */
public static void configureHeaders(HeadersConfigurer<?> configurer, SecurityProperties.Headers headers) throws Exception {
    Headers.HSTS hstsMode = headers.getHsts();
    if (hstsMode != Headers.HSTS.NONE) {
        boolean coverSubdomains = hstsMode == Headers.HSTS.ALL;
        HstsHeaderWriter hstsWriter = new HstsHeaderWriter(coverSubdomains);
        // Matches every request, not only secure ones — presumably so the header is still emitted
        // when TLS is terminated upstream. Browsers ignore HSTS received over plain HTTP.
        hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);
        configurer.addHeaderWriter(hstsWriter);
    }
    boolean keepContentType = headers.isContentType();
    boolean keepXss = headers.isXss();
    boolean keepCache = headers.isCache();
    boolean keepFrame = headers.isFrame();
    if (!keepContentType) {
        configurer.contentTypeOptions().disable();
    }
    if (!keepXss) {
        configurer.xssProtection().disable();
    }
    if (!keepCache) {
        configurer.cacheControl().disable();
    }
    if (!keepFrame) {
        configurer.frameOptions().disable();
    }
}
/**
 * Appends a {@link ChannelProcessingFilter} that applies a single channel rule to every request.
 *
 * <p>{@code HTTP} maps to {@code ANY_CHANNEL}, {@code HTTPS} to {@code REQUIRES_SECURE_CHANNEL}.
 * NOTE(review): any other {@code Protocol} value falls through with an empty attribute set, i.e.
 * no channel requirement is enforced at all — confirm the enum only has these two constants, or
 * make the fall-through fail closed.
 *
 * @param filters  the filter list to append to
 * @param protocol the protocol the whole application should be served on
 */
private void addSecureChannel(List<Filter> filters, Protocol protocol) {
    Collection<ConfigAttribute> channelAttributes = new ArrayList<>();
    switch (protocol) {
        case HTTP:
            channelAttributes.add(new SecurityConfig("ANY_CHANNEL"));
            break;
        case HTTPS:
            channelAttributes.add(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
            break;
        default:
            // intentionally no attribute (see NOTE above)
    }

    // One rule, keyed on the catch-all matcher, so it applies to every URL.
    LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> rules = new LinkedHashMap<>();
    rules.put(AnyRequestMatcher.INSTANCE, channelAttributes);

    ChannelProcessingFilter channelFilter = new ChannelProcessingFilter();
    channelFilter.setChannelDecisionManager(channelDecisionManager);
    channelFilter.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(rules));
    filters.add(channelFilter);
}
/**
 * Builds the HTTP security chain: basic auth + OAuth filters, path-based authorization from
 * {@code authorizationProperties}, and per-path authentication entry points.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Basic-auth entry point carrying the configured realm; used below for /api/** and /actuator/**.
    final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
    basicAuthenticationEntryPoint.afterPropertiesSet();
    final Filter oauthFilter = oauthFilter();
    final BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(
            providerManager(), basicAuthenticationEntryPoint);
    // Filter placement is keyed by runtime class: OAuth filter after basic auth, basic auth before
    // the OAuth filter, and the OAuth2 token-processing filter ahead of basic auth. This relies on
    // each of the three filters being a distinct class.
    http.addFilterAfter(oauthFilter, basicAuthenticationFilter.getClass());
    http.addFilterBefore(basicAuthenticationFilter, oauthFilter.getClass());
    http.addFilterBefore(oAuth2AuthenticationProcessingFilter(), basicAuthenticationFilter.getClass());
    // Mutates the shared properties list in place — every invocation appends these two entries.
    this.authorizationProperties.getAuthenticatedPaths().add(dashboard("/**"));
    this.authorizationProperties.getAuthenticatedPaths().add(dashboard(""));
    // permitAll rules are registered first, so a path listed in both sets is treated as public
    // (presumably first-match semantics — verify if the two lists can overlap).
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security = http.authorizeRequests()
            .antMatchers(this.authorizationProperties.getPermitAllPaths().toArray(new String[0]))
            .permitAll()
            .antMatchers(this.authorizationProperties.getAuthenticatedPaths().toArray(new String[0]))
            .authenticated();
    // Opaque helper: adds whatever rules the properties define; its exact effect is not visible here.
    security = SecurityConfigUtils.configureSimpleSecurity(security, this.authorizationProperties);
    // Fail closed: anything not matched above is denied.
    security.anyRequest().denyAll();
    this.securityStateBean.setAuthorizationEnabled(true);
    http.httpBasic().and()
            .logout()
            .logoutSuccessUrl(dashboard("/logout-success-oauth.html"))
            // NOTE(review): CSRF protection is disabled for every path while a login-page (session-backed)
            // flow is also configured below — confirm state-changing endpoints cannot be driven by a
            // browser session alone, or scope the exemption to the token-authenticated API paths.
            .and().csrf().disable()
            .exceptionHandling()
            // API and actuator callers get the basic-auth challenge; everything else is redirected to login.
            // Registration order matters: the catch-all matcher must stay last.
            .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/api/**"))
            .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, new AntPathRequestMatcher("/actuator/**"))
            .defaultAuthenticationEntryPointFor(
                    new LoginUrlAuthenticationEntryPoint(this.authorizationProperties.getLoginProcessingUrl()),
                    AnyRequestMatcher.INSTANCE);
    this.securityStateBean.setAuthenticationEnabled(true);
}
/**
 * Creates the filter with the set of Ant-style path patterns that are exempt from CSRF cookie
 * generation. With no patterns the exemption matcher matches nothing (a negated catch-all), so
 * every request is handled.
 *
 * @param ignoredPatterns Ant path patterns to exempt; may be empty
 */
public CsrfCookieGeneratorFilter(final String... ignoredPatterns) {
    final boolean nothingIgnored = ignoredPatterns.length == 0;
    this.ignoredMatcher = nothingIgnored
            ? new NegatedRequestMatcher(AnyRequestMatcher.INSTANCE)
            : new OrRequestMatcher(Arrays.stream(ignoredPatterns)
                    .map(AntPathRequestMatcher::new)
                    .collect(toList()));
}
/**
 * Enables the standard response-header protections (content-type options, XSS protection,
 * cache control, same-origin frame options) and adds HSTS without {@code includeSubDomains}.
 *
 * @param headers the headers configurer to populate
 * @throws Exception propagated from the configurer
 */
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
    // HSTS for the request host only; attached to every request, not just secure ones.
    HstsHeaderWriter hstsWriter = new HstsHeaderWriter(false);
    hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);

    HeadersConfigurer<?> chain = headers.contentTypeOptions().and();
    chain = chain.xssProtection().and();
    chain = chain.cacheControl().and();
    chain = chain.frameOptions().sameOrigin();
    chain.addHeaderWriter(hstsWriter);
}
/**
 * Builds the matcher covering the management endpoint paths.
 *
 * <p>Each resolved endpoint path is prefixed with the server path and OR-ed together.
 * NOTE(review): when no endpoint paths resolve the result is the catch-all matcher, i.e. the
 * delegate matches every request rather than none — confirm that is the intended fail mode for
 * the caller that uses this matcher.
 *
 * @return an OR of one Ant matcher per endpoint path, or the catch-all when there are none
 */
private RequestMatcher createDelegate() {
    ServerProperties serverProps = ManagementWebSecurityConfigurerAdapter.this.server;
    List<RequestMatcher> endpointMatchers = new ArrayList<RequestMatcher>();
    EndpointHandlerMapping mapping = ManagementWebSecurityConfigurerAdapter.this
            .getRequiredEndpointHandlerMapping();
    for (String endpointPath : this.endpointPaths.getPaths(mapping)) {
        String fullPath = serverProps.getPath(endpointPath);
        endpointMatchers.add(new AntPathRequestMatcher(fullPath));
    }
    if (endpointMatchers.isEmpty()) {
        return AnyRequestMatcher.INSTANCE;
    }
    return new OrRequestMatcher(endpointMatchers);
}
/**
 * Configures the HTTP security chain: per-path entry points, logout, role-based URL authorization
 * (deny-by-default), and a minimal header set; then hands off to {@code idolSecurityCustomizer}.
 */
@SuppressWarnings("ProhibitedExceptionDeclared")
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // Unauthenticated API calls get a bare 403 (no redirect); everything else goes to the login page.
    // LinkedHashMap keeps insertion order, so /api/** is consulted before the catch-all entry.
    final LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
    entryPoints.put(new AntPathRequestMatcher("/api/**"), new Http403ForbiddenEntryPoint());
    entryPoints.put(AnyRequestMatcher.INSTANCE, new LoginUrlAuthenticationEntryPoint(FindController.DEFAULT_LOGIN_PAGE));
    final AuthenticationEntryPoint authenticationEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);
    http
            // NOTE(review): CSRF protection is disabled for the whole application while a login-page /
            // session flow is configured below — confirm state-changing endpoints are not reachable with
            // a browser session alone, or re-enable it with an exemption limited to the API.
            .csrf()
            .disable()
            .exceptionHandling()
            .authenticationEntryPoint(authenticationEntryPoint)
            .accessDeniedPage("/authentication-error")
            .and()
            .logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl(FindController.DEFAULT_LOGIN_PAGE)
            .and()
            // Role rules; presumably first-match, so the more specific /api/* entries must precede
            // any broader pattern. Anything not listed is denied (fail closed).
            .authorizeRequests()
            .antMatchers(FindController.APP_PATH + "/**").hasAnyRole(FindRole.USER.name())
            .antMatchers(FindController.CONFIG_PATH).hasRole(FindRole.CONFIG.name())
            .antMatchers("/api/public/**").hasRole(FindRole.USER.name())
            .antMatchers("/api/bi/**").hasRole(FindRole.BI.name())
            .antMatchers("/api/config/**").hasRole(FindRole.CONFIG.name())
            .antMatchers("/api/admin/**").hasRole(FindRole.ADMIN.name())
            .antMatchers(FindController.DEFAULT_LOGIN_PAGE).permitAll()
            .antMatchers(FindController.LOGIN_PATH).permitAll()
            .antMatchers("/").permitAll()
            .anyRequest().denyAll()
            .and()
            // Presumably drops every default security header; only X-Frame-Options SAMEORIGIN is
            // re-enabled. NOTE(review): no nosniff / HSTS / cache-control headers come from this chain —
            // confirm they are emitted elsewhere (e.g. a front proxy).
            .headers()
            .defaultsDisabled()
            .frameOptions()
            .sameOrigin();
    // Opaque hook: may add further filters/rules; its effect is not visible here.
    idolSecurityCustomizer.customize(http, authenticationManager());
}
/**
 * Configures the HTTP security chain: public dashboard/static paths, form login for browsers,
 * basic auth for everything else, and a header-carried session resolved by a session repository.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Browser-style (text/html) requests are redirected to the login page; all others get the
    // basic-auth entry point.
    final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
            contentNegotiationStrategy, MediaType.TEXT_HTML);
    final String loginPage = dashboard("/#/login");
    final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
    basicAuthenticationEntryPoint.afterPropertiesSet();
    http
            // NOTE(review): CSRF is disabled globally (and again further down, redundantly). This is only
            // safe if the session is not cookie-borne — see the header session strategy below; confirm
            // no cookie-authenticated state-changing endpoint exists in this chain.
            .csrf()
            .disable()
            .authorizeRequests()
            // "/" is registered before the permitAll group, so it stays authenticated even though
            // dashboard("/**") is public (presumably first-match semantics).
            .antMatchers("/")
            .authenticated()
            .antMatchers(
                    dashboard("/**"), "/authenticate", "/security/info", "/features", "/assets/**").permitAll()
            .and()
            .formLogin().loginPage(loginPage)
            .loginProcessingUrl(dashboard("/login"))
            .defaultSuccessUrl(dashboard("/")).permitAll()
            .and()
            .logout().logoutUrl(dashboard("/logout"))
            .logoutSuccessUrl(dashboard("/logout-success.html"))
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
            .and().httpBasic()
            .and().exceptionHandling()
            // Order matters: the text/html matcher must be registered before the catch-all.
            .defaultAuthenticationEntryPointFor(
                    new LoginUrlAuthenticationEntryPoint(loginPage), textHtmlMatcher)
            .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint, AnyRequestMatcher.INSTANCE)
            .and()
            // Everything not explicitly permitted above requires authentication.
            .authorizeRequests()
            .anyRequest().authenticated();
    // Session repository filter placed at the very front of the chain (before ChannelProcessingFilter)
    // so later filters see the resolved session. HeaderHttpSessionStrategy presumably resolves the
    // session id from a request header rather than a cookie — verify; that is what makes the CSRF
    // exemption above defensible.
    final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
            sessionRepository());
    sessionRepositoryFilter
            .setHttpSessionStrategy(new HeaderHttpSessionStrategy());
    http.addFilterBefore(sessionRepositoryFilter, ChannelProcessingFilter.class).csrf().disable();
    // Sessions are created only when needed, not eagerly.
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
/**
 * Enables the default response-header protections (content-type options, XSS protection,
 * cache control, frame options) and adds an HSTS writer without {@code includeSubDomains}.
 *
 * @param headers the headers configurer to populate
 * @throws Exception propagated from the configurer
 */
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
    // HSTS for the request host only; attached to every request, not just secure ones.
    HstsHeaderWriter hstsWriter = new HstsHeaderWriter(false);
    hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);

    HeadersConfigurer<?> chain = headers.contentTypeOptions().and();
    chain = chain.xssProtection().and();
    chain = chain.cacheControl().and();
    chain = chain.addHeaderWriter(hstsWriter);
    // frameOptions() with no further call keeps its default (enabled) behaviour.
    chain.frameOptions();
}