mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-15 01:07:30 +08:00
Switch to multi-line security configuration
Now that we have lambda-style security configuration, we can further improve readability by switching to one statement per line. See gh-17525
parent
6756385049
commit
6675f49334
@ -19,6 +19,7 @@ package org.springframework.boot.actuate.autoconfigure.security.reactive;
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.info.InfoEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest.EndpointServerWebExchangeMatcher;
|
||||
import org.springframework.boot.actuate.health.HealthEndpoint;
|
||||
import org.springframework.boot.actuate.info.InfoEndpoint;
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
|
||||
@ -56,16 +57,17 @@ import org.springframework.security.web.server.WebFilterChainProxy;
|
||||
ReactiveOAuth2ResourceServerAutoConfiguration.class })
|
||||
public class ReactiveManagementWebSecurityAutoConfiguration {
|
||||
|
||||
private static final EndpointServerWebExchangeMatcher HEALTH_OR_INFO_ENDPOINT = EndpointRequest
|
||||
.to(HealthEndpoint.class, InfoEndpoint.class);
|
||||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeExchange((exchanges) ->
|
||||
exchanges
|
||||
.matchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class)).permitAll()
|
||||
.anyExchange().authenticated())
|
||||
.httpBasic(Customizer.withDefaults())
|
||||
.formLogin(Customizer.withDefaults());
|
||||
// @formatter:on
|
||||
http.authorizeExchange((exchanges) -> {
|
||||
exchanges.matchers(HEALTH_OR_INFO_ENDPOINT).permitAll();
|
||||
exchanges.anyExchange().authenticated();
|
||||
});
|
||||
http.httpBasic(Customizer.withDefaults());
|
||||
http.formLogin(Customizer.withDefaults());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
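Review bot: `HEALTH_OR_INFO_ENDPOINT` replaces a matcher that was built on each call with a `static final` instance shared by every application context in the JVM, and the servlet `ManagementWebSecurityConfigurerAdapter` in the next file gets the same constant. If `EndpointServerWebExchangeMatcher` keeps per-context state after its first match (its implementation is not visible in this diff, so this needs confirming), a second context such as a test context or a child management context would reuse what the first one resolved when deciding which paths are `permitAll()`. Unless that is ruled out, a private factory method keeps the readability without the sharing, e.g. `private EndpointServerWebExchangeMatcher healthOrInfoEndpoint() { return EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class); }`. Either way, a one-line comment saying these are the only actuator endpoints reachable without authentication would help the next reader.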
@ -16,6 +16,7 @@
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.servlet;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest.EndpointRequestMatcher;
|
||||
import org.springframework.boot.actuate.health.HealthEndpoint;
|
||||
import org.springframework.boot.actuate.info.InfoEndpoint;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@ -38,16 +39,17 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
class ManagementWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
|
||||
|
||||
private static final EndpointRequestMatcher HEALTH_OR_INFO_ENDPOINT = EndpointRequest.to(HealthEndpoint.class,
|
||||
InfoEndpoint.class);
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) ->
|
||||
requests
|
||||
.requestMatchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class)).permitAll()
|
||||
.anyRequest().authenticated())
|
||||
.formLogin(Customizer.withDefaults())
|
||||
.httpBasic(Customizer.withDefaults());
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.requestMatchers(HEALTH_OR_INFO_ENDPOINT).permitAll();
|
||||
requests.anyRequest().authenticated();
|
||||
});
|
||||
http.formLogin(Customizer.withDefaults());
|
||||
http.httpBasic(Customizer.withDefaults());
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -165,10 +165,12 @@ class ReactiveManagementWebSecurityAutoConfigurationTests {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeExchange(
|
||||
(exchanges) -> exchanges.pathMatchers("/foo").permitAll().anyExchange().authenticated())
|
||||
.formLogin(Customizer.withDefaults()).build();
|
||||
http.authorizeExchange((exchanges) -> {
|
||||
exchanges.pathMatchers("/foo").permitAll();
|
||||
exchanges.anyExchange().authenticated();
|
||||
});
|
||||
http.formLogin(Customizer.withDefaults());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
@ -194,9 +196,9 @@ class ReactiveManagementWebSecurityAutoConfigurationTests {
|
||||
}
|
||||
|
||||
private List<SecurityWebFilterChain> getFilterChains(ServerHttpSecurity http) throws Exception {
|
||||
return Collections
|
||||
.singletonList(http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
|
||||
.formLogin(Customizer.withDefaults()).build());
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated());
|
||||
http.formLogin(Customizer.withDefaults());
|
||||
return Collections.singletonList(http.build());
|
||||
}
|
||||
|
||||
static class TestServerHttpSecurity extends ServerHttpSecurity implements ApplicationContextAware {
|
||||
|
@ -165,17 +165,18 @@ abstract class AbstractEndpointRequestIntegrationTests {
|
||||
@Bean
|
||||
WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
||||
return new WebSecurityConfigurerAdapter() {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) -> requests
|
||||
.requestMatchers(EndpointRequest.toLinks()).permitAll()
|
||||
.requestMatchers(EndpointRequest.to(TestEndpoint1.class)).permitAll()
|
||||
.requestMatchers(EndpointRequest.toAnyEndpoint()).authenticated().anyRequest()
|
||||
.hasRole("ADMIN"))
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.requestMatchers(EndpointRequest.toLinks()).permitAll();
|
||||
requests.requestMatchers(EndpointRequest.to(TestEndpoint1.class)).permitAll();
|
||||
requests.requestMatchers(EndpointRequest.toAnyEndpoint()).authenticated();
|
||||
requests.anyRequest().hasRole("ADMIN");
|
||||
});
|
||||
http.httpBasic();
|
||||
}
|
||||
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -127,8 +127,12 @@ class ManagementWebSecurityAutoConfigurationTests {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests((requests) -> requests.antMatchers("/foo").permitAll().anyRequest().authenticated())
|
||||
.formLogin(Customizer.withDefaults()).httpBasic();
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.antMatchers("/foo").permitAll();
|
||||
requests.anyRequest().authenticated();
|
||||
});
|
||||
http.formLogin(Customizer.withDefaults());
|
||||
http.httpBasic();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -57,8 +57,9 @@ class OAuth2WebSecurityConfiguration {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
|
||||
.oauth2Login(Customizer.withDefaults()).oauth2Client();
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated());
|
||||
http.oauth2Login(Customizer.withDefaults());
|
||||
http.oauth2Client();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -30,6 +30,7 @@ import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec;
|
||||
import org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder;
|
||||
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
|
||||
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoders;
|
||||
@ -91,11 +92,15 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
|
||||
@ConditionalOnBean(ReactiveJwtDecoder.class)
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, ReactiveJwtDecoder jwtDecoder)
|
||||
throws Exception {
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
|
||||
.oauth2ResourceServer((server) -> server.jwt((jwt) -> jwt.jwtDecoder(jwtDecoder)));
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated());
|
||||
http.oauth2ResourceServer((server) -> customDecoder(server, jwtDecoder));
|
||||
return http.build();
|
||||
}
|
||||
|
||||
private void customDecoder(OAuth2ResourceServerSpec server, ReactiveJwtDecoder decoder) throws Exception {
|
||||
server.jwt((jwt) -> jwt.jwtDecoder(decoder));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
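Review bot: The new helper `customDecoder` is named like an accessor but returns nothing; it applies the `ReactiveJwtDecoder` bean to the resource-server spec, so a verb name such as `configureJwtDecoder` plus a one-line Javadoc would read better at the call site `http.oauth2ResourceServer((server) -> customDecoder(server, jwtDecoder))`. It also declares `throws Exception` although its only statement is a builder call; whether that is required depends on the signature of `jwt(...)`, which is not visible here, so narrow it if the compiler allows.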
@ -23,6 +23,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2Res
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec;
|
||||
import org.springframework.security.oauth2.server.resource.introspection.NimbusReactiveOAuth2TokenIntrospectionClient;
|
||||
import org.springframework.security.oauth2.server.resource.introspection.ReactiveOAuth2TokenIntrospectionClient;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
@ -58,8 +59,8 @@ class ReactiveOAuth2ResourceServerOpaqueTokenConfiguration {
|
||||
@Bean
|
||||
@ConditionalOnBean(ReactiveOAuth2TokenIntrospectionClient.class)
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
|
||||
.oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::opaqueToken);
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated());
|
||||
http.oauth2ResourceServer(OAuth2ResourceServerSpec::opaqueToken);
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -94,11 +94,13 @@ class OAuth2ResourceServerJwtConfiguration {
|
||||
@ConditionalOnBean(JwtDecoder.class)
|
||||
WebSecurityConfigurerAdapter jwtDecoderWebSecurityConfigurerAdapter() {
|
||||
return new WebSecurityConfigurerAdapter() {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated());
|
||||
http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
}
|
||||
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -59,11 +59,13 @@ class OAuth2ResourceServerOpaqueTokenConfiguration {
|
||||
@ConditionalOnBean(OAuth2TokenIntrospectionClient.class)
|
||||
WebSecurityConfigurerAdapter opaqueTokenWebSecurityConfigurerAdapter() {
|
||||
return new WebSecurityConfigurerAdapter() {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated());
|
||||
http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
|
||||
}
|
||||
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -376,9 +376,11 @@ class ReactiveOAuth2ResourceServerAutoConfigurationTests {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain testSpringSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
http.authorizeExchange(
|
||||
(exchanges) -> exchanges.pathMatchers("/message/**").hasRole("ADMIN").anyExchange().authenticated())
|
||||
.httpBasic();
|
||||
http.authorizeExchange((exchanges) -> {
|
||||
exchanges.pathMatchers("/message/**").hasRole("ADMIN");
|
||||
exchanges.anyExchange().authenticated();
|
||||
});
|
||||
http.httpBasic();
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -396,10 +396,9 @@ A typical Spring Security configuration might look something like the following
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint())
|
||||
.authorizeRequests((requests) ->
|
||||
requests.anyRequest().hasRole("ENDPOINT_ADMIN"))
|
||||
.httpBasic();
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
|
||||
http.httpBasic();
|
||||
}
|
||||
|
||||
}
|
||||
@ -433,7 +432,7 @@ following example:
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
.anyRequest().permitAll());
|
||||
requests.anyRequest().permitAll());
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -68,7 +68,8 @@ class WebTestClientSpringBootTestIntegrationTests {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
return http.authorizeExchange((exchanges) -> exchanges.anyExchange().permitAll()).build();
|
||||
http.authorizeExchange((exchanges) -> exchanges.anyExchange().permitAll());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -16,6 +16,9 @@
|
||||
|
||||
package smoketest.actuator.customsecurity;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
|
||||
import org.springframework.boot.actuate.web.mappings.MappingsEndpoint;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
|
||||
@ -25,36 +28,44 @@ import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.User.UserBuilder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@SuppressWarnings("deprecation")
|
||||
@Bean
|
||||
public InMemoryUserDetailsManager inMemoryUserDetailsManager() {
|
||||
return new InMemoryUserDetailsManager(
|
||||
User.withDefaultPasswordEncoder().username("user").password("password").authorities("ROLE_USER")
|
||||
.build(),
|
||||
User.withDefaultPasswordEncoder().username("beans").password("beans").authorities("ROLE_BEANS").build(),
|
||||
User.withDefaultPasswordEncoder().username("admin").password("admin")
|
||||
.authorities("ROLE_ACTUATOR", "ROLE_USER").build());
|
||||
List<UserDetails> userDetails = new ArrayList<>();
|
||||
userDetails.add(createUserDetails("user", "password", "ROLE_USER"));
|
||||
userDetails.add(createUserDetails("beans", "beans", "ROLE_BEANS"));
|
||||
userDetails.add(createUserDetails("admin", "admin", "ROLE_ACTUATOR", "ROLE_USER"));
|
||||
return new InMemoryUserDetailsManager(userDetails);
|
||||
}
|
||||
|
||||
@SuppressWarnings("deprecation")
|
||||
private UserDetails createUserDetails(String username, String password, String... authorities) {
|
||||
UserBuilder builder = User.withDefaultPasswordEncoder();
|
||||
builder.username(username);
|
||||
builder.password(password);
|
||||
builder.authorities(authorities);
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) ->
|
||||
requests
|
||||
.mvcMatchers("/actuator/beans").hasRole("BEANS")
|
||||
.requestMatchers(EndpointRequest.to("health", "info")).permitAll()
|
||||
.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.antMatchers("/foo").permitAll()
|
||||
.antMatchers("/**").hasRole("USER"))
|
||||
.cors(Customizer.withDefaults())
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.mvcMatchers("/actuator/beans").hasRole("BEANS");
|
||||
requests.requestMatchers(EndpointRequest.to("health", "info")).permitAll();
|
||||
requests.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class))
|
||||
.hasRole("ACTUATOR");
|
||||
requests.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
||||
requests.antMatchers("/foo").permitAll();
|
||||
requests.antMatchers("/**").hasRole("USER");
|
||||
});
|
||||
http.cors(Customizer.withDefaults());
|
||||
http.httpBasic();
|
||||
}
|
||||
|
||||
}
|
||||
|
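Review bot: The new `createUserDetails` helper builds every account through `User.withDefaultPasswordEncoder()` with literal passwords (`admin`/`admin`, `beans`/`beans`), and nothing at the definition says this is acceptable only because it is a smoke test. Suggest a comment on the helper such as `// Sample users for the smoke test only: withDefaultPasswordEncoder() is deprecated because it is not meant for production credentials`. Also, `@SuppressWarnings("deprecation")` now appears on both `inMemoryUserDetailsManager()` and the helper; if the bean method no longer calls the deprecated factory itself, as its new body suggests, the annotation there can be dropped so the suppression stays on the one method that needs it.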
@ -91,16 +91,15 @@ class ManagementPortSampleSecureWebFluxTests {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeExchange((exchanges) ->
|
||||
exchanges
|
||||
.matchers(EndpointRequest.to("health", "info")).permitAll()
|
||||
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
|
||||
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.pathMatchers("/login").permitAll()
|
||||
.anyExchange().authenticated())
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
http.authorizeExchange((exchanges) -> {
|
||||
exchanges.matchers(EndpointRequest.to("health", "info")).permitAll();
|
||||
exchanges.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class))
|
||||
.hasRole("ACTUATOR");
|
||||
exchanges.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
||||
exchanges.pathMatchers("/login").permitAll();
|
||||
exchanges.anyExchange().authenticated();
|
||||
});
|
||||
http.httpBasic();
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -116,16 +116,15 @@ class SampleSecureWebFluxCustomSecurityTests {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeExchange((exchanges) ->
|
||||
exchanges
|
||||
.matchers(EndpointRequest.to("health", "info")).permitAll()
|
||||
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
|
||||
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.pathMatchers("/login").permitAll()
|
||||
.anyExchange().authenticated())
|
||||
.httpBasic(Customizer.withDefaults());
|
||||
// @formatter:off
|
||||
http.authorizeExchange((exchanges) -> {
|
||||
exchanges.matchers(EndpointRequest.to("health", "info")).permitAll();
|
||||
exchanges.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class))
|
||||
.hasRole("ACTUATOR");
|
||||
exchanges.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
||||
exchanges.pathMatchers("/login").permitAll();
|
||||
exchanges.anyExchange().authenticated();
|
||||
});
|
||||
http.httpBasic(Customizer.withDefaults());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -72,15 +72,16 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) ->
|
||||
requests
|
||||
.antMatchers("/login").permitAll()
|
||||
.anyRequest().fullyAuthenticated())
|
||||
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error"))
|
||||
.logout((logout) -> logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout")))
|
||||
.exceptionHandling((exceptions) -> exceptions.accessDeniedPage("/access?error"));
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.antMatchers("/login").permitAll();
|
||||
requests.anyRequest().fullyAuthenticated();
|
||||
});
|
||||
http.formLogin((form) -> {
|
||||
form.loginPage("/login");
|
||||
form.failureUrl("/login?error");
|
||||
});
|
||||
http.logout((logout) -> logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout")));
|
||||
http.exceptionHandling((exceptions) -> exceptions.accessDeniedPage("/access?error"));
|
||||
}
|
||||
|
||||
}
|
||||
@ -91,8 +92,9 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint())
|
||||
.authorizeRequests((requests) -> requests.anyRequest().authenticated()).httpBasic();
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint());
|
||||
http.authorizeRequests((requests) -> requests.anyRequest().authenticated());
|
||||
http.httpBasic();
|
||||
}
|
||||
|
||||
}
|
||||
|
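Review bot: In the second `configure` of this file, `http.requestMatcher(EndpointRequest.toAnyEndpoint());` now stands as a statement of its own, and nothing shows that it scopes the whole filter chain rather than adding one more rule. With the chain split, deleting or moving that line would leave `anyRequest().authenticated()` and `httpBasic()` applying to every request this adapter sees, so a comment above it is worth adding: `// Limit this filter chain to actuator endpoints; the rules below apply only to requests it matches`. The enclosing configurer class starts outside the hunk, so its ordering relative to the form-login adapter in the first hunk is not visible here.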
@ -62,13 +62,15 @@ public class SampleWebSecureCustomApplication implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) ->
|
||||
requests
|
||||
.antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated())
|
||||
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error").permitAll())
|
||||
.logout(LogoutConfigurer::permitAll);
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.antMatchers("/css/**").permitAll();
|
||||
requests.anyRequest().fullyAuthenticated();
|
||||
});
|
||||
http.formLogin((form) -> {
|
||||
form.loginPage("/login");
|
||||
form.failureUrl("/login?error").permitAll();
|
||||
});
|
||||
http.logout(LogoutConfigurer::permitAll);
|
||||
}
|
||||
|
||||
}
|
||||
|
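Review bot: `form.failureUrl("/login?error").permitAll();` still chains two calls, so it reads as if `permitAll()` applied to the failure URL only, whereas it is a setting of the login form as a whole. To match the one-statement-per-line goal of this commit and make the unauthenticated surface explicit, split it into `form.failureUrl("/login?error");` and `form.permitAll();`. The same line appears in the `configure` methods of `SampleWebSecureJdbcApplication` and `SampleWebSecureApplication` later in this commit.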
@ -66,12 +66,15 @@ public class SampleWebSecureJdbcApplication implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests(
|
||||
(requests) -> requests.antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated())
|
||||
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error").permitAll())
|
||||
.logout(LogoutConfigurer::permitAll);
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.antMatchers("/css/**").permitAll();
|
||||
requests.anyRequest().fullyAuthenticated();
|
||||
});
|
||||
http.formLogin((form) -> {
|
||||
form.loginPage("/login");
|
||||
form.failureUrl("/login?error").permitAll();
|
||||
});
|
||||
http.logout(LogoutConfigurer::permitAll);
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -63,15 +63,15 @@ public class SampleWebSecureApplication implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests((requests) ->
|
||||
requests
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().fullyAuthenticated())
|
||||
.formLogin((form) ->
|
||||
form.loginPage("/login").failureUrl("/login?error").permitAll())
|
||||
.logout(LogoutConfigurer::permitAll);
|
||||
// @formatter:on
|
||||
http.authorizeRequests((requests) -> {
|
||||
requests.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
||||
requests.anyRequest().fullyAuthenticated();
|
||||
});
|
||||
http.formLogin((form) -> {
|
||||
form.loginPage("/login");
|
||||
form.failureUrl("/login?error").permitAll();
|
||||
});
|
||||
http.logout(LogoutConfigurer::permitAll);
|
||||
}
|
||||
|
||||
}
|
||||
|