Java 类org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler 实例源码

项目:smt-spring-security-parent    文件:JwtApplySecurityConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.apply(jwt());
    http.antMatcher("/jwt/**");
    http.csrf().disable();
    http.authorizeRequests()
        .antMatchers("/jwt/one").access("hasRole('ONE')")
        .antMatchers("/jwt/two").access("hasRole('TWO')")
        .anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/jwt/signIn")
        .permitAll();
    http.logout().logoutUrl("/jwt/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:metron    文件:WebSecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("/", "/home", "/login").permitAll()
            .antMatchers("/app/**").permitAll()
            .antMatchers("/vendor/**").permitAll()
            .antMatchers("/fonts/**").permitAll()
            .antMatchers("/assets/images/**").permitAll()
            .antMatchers("/*.js").permitAll()
            .antMatchers("/*.ttf").permitAll()
            .antMatchers("/*.woff2").permitAll()
            .anyRequest().authenticated()
            .and().httpBasic()
            .and()
            .logout()
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .invalidateHttpSession(true)
            .deleteCookies("JSESSIONID");
    if (Arrays.asList(environment.getActiveProfiles()).contains(MetronRestConstants.CSRF_ENABLE_PROFILE)) {
        http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
    } else {
        http.csrf().disable();
    }
}
项目:theskeleton    文件:WebSecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/oauth/authorize").authenticated()
            .and()
        .formLogin().permitAll()
            .loginPage("/login")
            .loginProcessingUrl("/auth/login")
            .failureUrl("/login?error")
            .and()
        .rememberMe()
            .rememberMeParameter("remember-me")
            .rememberMeServices(rememberMeServices)
            .and()
        .logout()
            .invalidateHttpSession(true)
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .logoutUrl("/auth/logout")
            .permitAll()
            .and()
        .headers()
            .frameOptions().sameOrigin()
            .and()
        .sessionManagement()
            .maximumSessions(10)
            .sessionRegistry(sessionRegistry)
            .and()
        .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
            .and()
        .csrf()
            .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))
            .disable()
        .cors().and()
        .apply(new SpringSocialConfigurer());
}
项目:smt-spring-security-parent    文件:StormpathAuthenticationConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/stormpath/**");
    http.csrf().disable();
    http.authorizeRequests()
        .antMatchers("/stormpath/one").access("hasRole('ONE')")
        .antMatchers("/stormpath/two").access("hasRole('TWO')")
        .anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/stormpath/signIn")
        .permitAll();
    http.logout().logoutUrl("/stormpath/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:AllApplyAuthenticationConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.apply(jwt());
    http.antMatcher("/all/**");
    http.csrf().disable();
    http.authorizeRequests()
        .antMatchers("/all/one").access("hasRole('ONE')")
        .antMatchers("/all/two").access("hasRole('TWO')")
        .anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/all/signIn")
        .permitAll();
    http.logout().logoutUrl("/all/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:AllAnnotationAuthenticationConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/all/**");
    http.csrf().disable();
    http.authorizeRequests()
        .antMatchers("/all/one").access("hasRole('ONE')")
        .antMatchers("/all/two").access("hasRole('TWO')")
        .anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/all/signIn")
        .permitAll();
    http.logout().logoutUrl("/all/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:SpringSecurityConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/normal/**");
    http.csrf().disable();
    http.authorizeRequests().anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/normal/signIn")
        .permitAll();
    http.logout().logoutUrl("/normal/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:JwtAnnotationSecurityConfiguration.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.antMatcher("/jwt/**");
    http.csrf().disable();
    http.authorizeRequests()
        .antMatchers("/jwt/one").access("hasRole('ONE')")
        .antMatchers("/jwt/two").access("hasRole('TWO')")
        .anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/jwt/signIn")
        .permitAll();
    http.logout().logoutUrl("/jwt/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:JwtCustomPrincipleSecurityConfigurationApply.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.apply(jwt());
    http.antMatcher("/custom/**");
    http.csrf().disable();
    http.authorizeRequests().anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/custom/signIn")
        .permitAll();
    http.logout().logoutUrl("/custom/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:smt-spring-security-parent    文件:JwtCustomPrincipleSecurityConfigurationAnnotation.java   
@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/custom/**");
    http.csrf().disable();
    http.authorizeRequests().anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/custom/signIn")
        .permitAll();
    http.logout().logoutUrl("/custom/signOut")
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}
项目:eds-starter6-jpa    文件:SecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http
      //.headers()
        //.frameOptions().sameOrigin()
      //  .and()
      .authorizeRequests()
        .antMatchers("/index.html", "/csrf", "/", "/router").permitAll()
        .antMatchers("/info", "/health").permitAll()
        .anyRequest().authenticated()
        .and()
      .rememberMe()
           .rememberMeServices(this.rememberMeServices)
           .key(this.appProperties.getRemembermeCookieKey())
        .and()
      .formLogin()
           .successHandler(this.authenticationSuccessHandler)
           .failureHandler(new JsonAuthFailureHandler())
        .permitAll()
        .and()
      .logout()
           .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
           .deleteCookies("JSESSIONID")
        .permitAll()
        .and()
      .exceptionHandling()
           .authenticationEntryPoint(new Http401UnauthorizedEntryPoint());
    // @formatter:on
}
项目:eds-starter6-mongodb    文件:SecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http
      //.headers()
        //.frameOptions().sameOrigin()
      //  .and()
      .authorizeRequests()
        .antMatchers("/index.html", "/csrf", "/", "/router").permitAll()
        .antMatchers("/info", "/health").permitAll()
        .anyRequest().authenticated()
        .and()
      .rememberMe()
           .rememberMeServices(this.rememberMeServices)
           .key(this.appProperties.getRemembermeCookieKey())
        .and()
      .formLogin()
           .successHandler(this.authenticationSuccessHandler)
           .failureHandler(new JsonAuthFailureHandler())
        .permitAll()
        .and()
      .logout()
           .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
           .deleteCookies("JSESSIONID")
        .permitAll()
        .and()
      .exceptionHandling()
           .authenticationEntryPoint(new Http401UnauthorizedEntryPoint());
    // @formatter:on
}
项目:akir    文件:SecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    if (config.getUrl().startsWith("https://")) {
        LOGGER.info("Enabled force https");
        http.requiresChannel().anyRequest().requiresSecure();
    }
    http
            // cache control
            .headers()
            .cacheControl().disable()
            .and()

            // access control
            .authorizeRequests()
            .antMatchers(

                    // == static resources -> permit all
                    "/css/**", "/images/**", "/js/**", "/fonts/**", "/favicon.ico",

                    // == login/register/email_verify -> permit all
                    "/register/**", "/login", "/email_verify/do_verify",

                    // == error page -> permit all
                    "/error",

                    "/yggdrasil/**"

            ).permitAll()
            .antMatchers(

                    // == (re)send_verify_email -> permit authenticated users
                    "/email_verify/**"

            ).authenticated()

            // == other urls -> permit verified users
            .anyRequest().hasAuthority("ROLE_VERIFIED")
            .and()

            // login
            .exceptionHandling()
            .authenticationEntryPoint(authEntry)

            // redirect to '/email_verify' is email is not verified
            .accessDeniedHandler((request, response, ex) -> {
                if (!isAjax(request)) {
                    Optional<User> user = UserService.getCurrentUser();
                    if (user.isPresent() && !user.get().isEmailVerified()) {
                        response.sendRedirect("/email_verify");
                        return;
                    }
                }
                request.setAttribute(ERROR_ATTRIBUTE, ex);
                response.sendError(SC_FORBIDDEN, E_ACCESS_DENIED);
            })
            .and()

            // logout
            .logout()
            .logoutUrl("/logout")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler(HttpStatus.NO_CONTENT))
            .and();
}
项目:spring-cloud-dashboard    文件:BasicAuthSecurityConfiguration.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    final RequestMatcher textHtmlMatcher = new MediaTypeRequestMatcher(
            contentNegotiationStrategy,
            MediaType.TEXT_HTML);

    final String loginPage = dashboard("/#/login");

    final BasicAuthenticationEntryPoint basicAuthenticationEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthenticationEntryPoint.setRealmName(securityProperties.getBasic().getRealm());
    basicAuthenticationEntryPoint.afterPropertiesSet();

    http
        .csrf()
        .disable()
        .authorizeRequests()
        .antMatchers("/")
        .authenticated()
        .antMatchers(
                dashboard("/**"),
                "/authenticate",
                "/security/info",
                "/features",
                "/assets/**").permitAll()
    .and()
        .formLogin().loginPage(loginPage)
        .loginProcessingUrl(dashboard("/login"))
        .defaultSuccessUrl(dashboard("/")).permitAll()
    .and()
        .logout().logoutUrl(dashboard("/logout"))
            .logoutSuccessUrl(dashboard("/logout-success.html"))
        .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()).permitAll()
    .and().httpBasic()
        .and().exceptionHandling()
        .defaultAuthenticationEntryPointFor(
                new LoginUrlAuthenticationEntryPoint(loginPage),
                textHtmlMatcher)
        .defaultAuthenticationEntryPointFor(basicAuthenticationEntryPoint,
                AnyRequestMatcher.INSTANCE)
    .and()
        .authorizeRequests()
        .anyRequest().authenticated();

    final SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<ExpiringSession>(
            sessionRepository());
    sessionRepositoryFilter
            .setHttpSessionStrategy(new HeaderHttpSessionStrategy());

    http.addFilterBefore(sessionRepositoryFilter,
            ChannelProcessingFilter.class).csrf().disable();
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
项目:spring-security-angularjs    文件:SecurityConfig.java   
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .headers().disable()
        //.csrf().disable()
        .authorizeRequests()
            .antMatchers("/failure").permitAll()
            .antMatchers("/user/session").permitAll()
            .antMatchers("/user/createaccount").permitAll()
            .antMatchers("/user/resetPassword").permitAll()
            .antMatchers("/user/processResetPasswordUrl").permitAll()
            .antMatchers("/user/changePassword").permitAll()
            .antMatchers("/user/registrationConfirm").permitAll()
            .antMatchers("/v2/api-docs").hasAnyAuthority("admin")
            .antMatchers("/users/**").hasAnyAuthority("admin")
            .anyRequest().authenticated()
            .and()
        .exceptionHandling()
            .authenticationEntryPoint(restAuthenticationEntryPoint)
            .accessDeniedHandler(restAccessDeniedHandler)
            .and()
        .formLogin()
            .loginProcessingUrl("/authenticate")
            .successHandler(restAuthenticationSuccessHandler)
            .failureHandler(restAuthenticationFailureHandler)
            .usernameParameter("username")
            .passwordParameter("password")
            .permitAll()
            .and()
        .logout()
            .logoutUrl("/logout")
            .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
            .deleteCookies("JSESSIONID")
            .permitAll()
            .and()
        .rememberMe()
            .rememberMeServices(rememberMeServices)
            .key(REMEMBER_ME_KEY)
            .and()
        .csrf()
            .requireCsrfProtectionMatcher(csrfRequestMatcher)
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
项目:ConfLab    文件:WebSecurityConfig.java   
private void logout(HttpSecurity http) throws Exception {
    http.logout().logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
}