Java 类org.springframework.security.web.util.RequestMatcher 实例源码

项目:coj-web    文件:SecurityConfiguration.java   
private List<SecurityFilterChain> filterChain() {
List<SecurityFilterChain> filters = new ArrayList<SecurityFilterChain>(12);
       RequestMatcher req = new AntPathRequestMatcher("/**");

       filters.add(new DefaultSecurityFilterChain(req, new SecurityContextPersistenceFilter(), 
               logoutFilter(),cojAuthenticationProcessingFilter(),new SecurityContextHolderAwareRequestFilter(),
               rememberMeAuthenticationFilter(),anonymousAuthenticationFilter(),exceptionTranslationFilter(),filterInvocationInterceptor()
               ));
return filters;
   }
项目:metaworks_framework    文件:BroadleafGWTModuleURLMappingResourceHttpRequestHandler.java   
@Override
public void handleRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    Map<String, String> urlPatternDispatchMap = (Map<String, String>) getApplicationContext().getBean("blResourceUrlPatternRequestDispatchMap");
    for (Map.Entry<String, String> entry : urlPatternDispatchMap.entrySet()) {
        RequestMatcher matcher = new AntPathRequestMatcher(entry.getKey());
        if (matcher.matches(request)){
            request.getRequestDispatcher(entry.getValue()).forward(request, response);
            return;
        }
    }
    super.handleRequest(request, response);
}
项目:metaworks_framework    文件:CsrfFilter.java   
@Override
public void doFilter(ServletRequest baseRequest, ServletResponse baseResponse, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) baseRequest;
    HttpServletResponse response = (HttpServletResponse) baseResponse;

    boolean excludedRequestFound = false;
    if (excludedRequestPatterns != null && excludedRequestPatterns.size() > 0) {
        for (String pattern : excludedRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                excludedRequestFound = true;
                break;
            }
        }
    }

    // We only validate CSRF tokens on POST
    if (request.getMethod().equals("POST") && !excludedRequestFound) {
        String requestToken = request.getParameter(exploitProtectionService.getCsrfTokenParameter());
        try {
            exploitProtectionService.compareToken(requestToken);
        } catch (ServiceException e) {
            throw new ServletException(e);
        }
    }

    chain.doFilter(request, response);
}
项目:metaworks_framework    文件:CartStateFilter.java   
/**
 * By default, all POST requests that are not matched by the {@link #getExcludedOrderLockRequestPatterns()} list
 * (using the {@link AntPathRequestMatcher}) will be marked as requiring a lock on the Order.
 * 
 * @param req
 * @return whether or not the current request requires a lock on the order
 */
protected boolean requestRequiresLock(ServletRequest req) {
    if (!(req instanceof HttpServletRequest)) {
           return false;
    }

    if (!orderLockManager.isActive()) {
        return false;
    }

    HttpServletRequest request = (HttpServletRequest) req;

    if (!request.getMethod().equalsIgnoreCase("post")) {
        return false;
    }

    if (excludedOrderLockRequestPatterns != null && excludedOrderLockRequestPatterns.size() > 0) {
        for (String pattern : excludedOrderLockRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                return false;
            }
        }
    }

    return true;
}
项目:SparkCommerce    文件:SparkGWTModuleURLMappingResourceHttpRequestHandler.java   
@Override
public void handleRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    Map<String, String> urlPatternDispatchMap = (Map<String, String>) getApplicationContext().getBean("blResourceUrlPatternRequestDispatchMap");
    for (Map.Entry<String, String> entry : urlPatternDispatchMap.entrySet()) {
        RequestMatcher matcher = new AntPathRequestMatcher(entry.getKey());
        if (matcher.matches(request)){
            request.getRequestDispatcher(entry.getValue()).forward(request, response);
            return;
        }
    }
    super.handleRequest(request, response);
}
项目:SparkCommerce    文件:CsrfFilter.java   
@Override
public void doFilter(ServletRequest baseRequest, ServletResponse baseResponse, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) baseRequest;
    HttpServletResponse response = (HttpServletResponse) baseResponse;

    boolean excludedRequestFound = false;
    if (excludedRequestPatterns != null && excludedRequestPatterns.size() > 0) {
        for (String pattern : excludedRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                excludedRequestFound = true;
                break;
            }
        }
    }

    // We only validate CSRF tokens on POST
    if (request.getMethod().equals("POST") && !excludedRequestFound) {
        String requestToken = request.getParameter(exploitProtectionService.getCsrfTokenParameter());
        try {
            exploitProtectionService.compareToken(requestToken);
        } catch (ServiceException e) {
            throw new ServletException(e);
        }
    }

    chain.doFilter(request, response);
}
项目:SparkCommerce    文件:CartStateFilter.java   
/**
 * By default, all POST requests that are not matched by the {@link #getExcludedOrderLockRequestPatterns()} list
 * (using the {@link AntPathRequestMatcher}) will be marked as requiring a lock on the Order.
 * 
 * @param req
 * @return whether or not the current request requires a lock on the order
 */
protected boolean requestRequiresLock(ServletRequest req) {
    if (!(req instanceof HttpServletRequest)) {
           return false;
    }

    if (!orderLockManager.isActive()) {
        return false;
    }

    HttpServletRequest request = (HttpServletRequest) req;

    if (!request.getMethod().equalsIgnoreCase("post")) {
        return false;
    }

    if (excludedOrderLockRequestPatterns != null && excludedOrderLockRequestPatterns.size() > 0) {
        for (String pattern : excludedOrderLockRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                return false;
            }
        }
    }

    return true;
}
项目:SparkCore    文件:CartStateFilter.java   
/**
 * By default, all POST requests that are not matched by the {@link #getExcludedOrderLockRequestPatterns()} list
 * (using the {@link AntPathRequestMatcher}) will be marked as requiring a lock on the Order.
 * 
 * @param req
 * @return whether or not the current request requires a lock on the order
 */
protected boolean requestRequiresLock(ServletRequest req) {
    if (!(req instanceof HttpServletRequest)) {
           return false;
    }

    if (!orderLockManager.isActive()) {
        return false;
    }

    HttpServletRequest request = (HttpServletRequest) req;

    if (!request.getMethod().equalsIgnoreCase("post")) {
        return false;
    }

    if (excludedOrderLockRequestPatterns != null && excludedOrderLockRequestPatterns.size() > 0) {
        for (String pattern : excludedOrderLockRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                return false;
            }
        }
    }

    return true;
}
项目:blcdemo    文件:CsrfFilter.java   
@Override
public void doFilter(ServletRequest baseRequest, ServletResponse baseResponse, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) baseRequest;
    HttpServletResponse response = (HttpServletResponse) baseResponse;

    boolean excludedRequestFound = false;
    if (excludedRequestPatterns != null && excludedRequestPatterns.size() > 0) {
        for (String pattern : excludedRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                excludedRequestFound = true;
                break;
            }
        }
    }

    // We only validate CSRF tokens on POST
    if (request.getMethod().equals("POST") && !excludedRequestFound) {
        String requestToken = request.getParameter(exploitProtectionService.getCsrfTokenParameter());
        try {
            exploitProtectionService.compareToken(requestToken);
        } catch (ServiceException e) {
            throw new ServletException(e);
        }
    }

    chain.doFilter(request, response);
}
项目:blcdemo    文件:CartStateFilter.java   
/**
 * By default, all POST requests that are not matched by the {@link #getExcludedOrderLockRequestPatterns()} list
 * (using the {@link AntPathRequestMatcher}) will be marked as requiring a lock on the Order.
 * 
 * @param req
 * @return whether or not the current request requires a lock on the order
 */
protected boolean requestRequiresLock(ServletRequest req) {
    if (!(req instanceof HttpServletRequest)) {
           return false;
    }

    if (!orderLockManager.isActive()) {
        return false;
    }

    HttpServletRequest request = (HttpServletRequest) req;

    if (!request.getMethod().equalsIgnoreCase("post")) {
        return false;
    }

    if (excludedOrderLockRequestPatterns != null && excludedOrderLockRequestPatterns.size() > 0) {
        for (String pattern : excludedOrderLockRequestPatterns) {
            RequestMatcher matcher = new AntPathRequestMatcher(pattern);
            if (matcher.matches(request)){
                return false;
            }
        }
    }

    return true;
}
项目:gnext    文件:JdbcFilterInvocationSecurityMetadataSourceFactoryBean.java   
/**
 * Builds the request map.
 * <p>return LinkedHashMap&lt; {@link RequestMatcher}, Collection&lt; {@link ConfigAttribute}&gt;&gt </p>
 * 
 * @return requestMap order-preserving map of request definitions to attribute lists
 */
protected LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> buildRequestMap() {
     LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();

    Map<String, String> resourceMap = findResources();

    for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
        RequestMatcher key =new AntPathRequestMatcher(entry.getKey());
        requestMap.put(key, SecurityConfig.createListFromCommaDelimitedString(entry.getValue()));
    }

    return requestMap;
}
项目:opennmszh    文件:AntPatternBasedAuthenticationEntryPointChain.java   
private AuthenticationEntryPoint getAppropriateEntryPoint(HttpServletRequest request) {
    for (String pattern : m_patterns) {
        RequestMatcher matcher = new AntPathRequestMatcher(pattern);
        if (matcher.matches(request)) {
            return m_matchingEntryPoint;
        }
    }

    return m_nonMatchingEntryPoint;

}