@Bean @Profile("secure") public SecurityWebFilterChain securityWebFilterChainSecure(ServerHttpSecurity http) { // @formatter:off return http.authorizeExchange() .pathMatchers(adminContextPath + "/assets/**").permitAll() .pathMatchers(adminContextPath + "/login").permitAll() .anyExchange().authenticated() .and() .formLogin().loginPage(adminContextPath + "/login").and() .logout().logoutUrl(adminContextPath + "/logout").and() .httpBasic().and() .csrf().disable() .build(); // @formatter:on }
@Bean public SecurityWebFilterChain springWebFilterChain(HttpSecurity http) throws Exception { return http .authorizeExchange() .anyExchange().permitAll() // .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain() { return HttpSecurity.http() .securityContextRepository( new WebSessionSecurityContextRepository()) .authorizeExchange() .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain() { return HttpSecurity.http() .securityContextRepository(new WebSessionSecurityContextRepository()) .authorizeExchange() .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(HttpSecurity http) { return http .authorizeExchange() .pathMatchers("/**").authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .authorizeExchange() .pathMatchers(HttpMethod.GET, "/posts/**").permitAll() .pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN") //.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .csrf().disable() .authorizeExchange() .pathMatchers(HttpMethod.GET, "/posts/**").permitAll() .pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN") //.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .authorizeExchange() .pathMatchers(HttpMethod.GET, "/posts/**").permitAll() .pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN") .pathMatchers("/posts/**").authenticated() //.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().permitAll() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .authorizeExchange() .pathMatchers(HttpMethod.GET, "/posts/**").permitAll() //.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")//replace this with method level constraints //.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .authorizeExchange() //.pathMatchers(HttpMethod.GET, "/posts/**").permitAll() //.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN") //.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().authenticated() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .csrf().disable() //.and() .authorizeExchange() .anyExchange().authenticated() .and() .httpBasic().securityContextRepository(new WebSessionServerSecurityContextRepository()) .and() .formLogin() .and() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http .authorizeExchange() .pathMatchers(HttpMethod.GET, "/posts/**").permitAll() .pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN") .pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath) .anyExchange().authenticated() .and() .build(); }
@Bean public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http .authorizeExchange() .anyExchange().authenticated() .and() .httpBasic(); return http.build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http.authorizeExchange() .anyExchange().permitAll() .and() .csrf().disable() .build(); }
@Bean SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception { return http.httpBasic().and() .authorizeExchange() .pathMatchers("/myapi/**").authenticated() .anyExchange().permitAll() .and() .build(); }
@Bean @Profile("insecure") public SecurityWebFilterChain securityWebFilterChainPermitAll(ServerHttpSecurity http) { return http.authorizeExchange().anyExchange().permitAll()// .and().csrf().disable()// .build(); }
@Bean SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { return http.authorizeExchange().anyExchange().permitAll()// .and().csrf().disable()// .build(); }
@Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { return http.authorizeExchange().anyExchange().permitAll()// .and().csrf().disable()// .build(); }