org.springframework.security.web.csrf.CsrfTokenRepository Java Examples
The following examples show how to use
org.springframework.security.web.csrf.CsrfTokenRepository.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: WebSecurityConfig.java From alf.io with GNU General Public License v3.0 | 6 votes |
|
public OpenIdFormBasedWebSecurity(Environment environment,
UserManager userManager,
RecaptchaService recaptchaService,
ConfigurationManager configurationManager,
CsrfTokenRepository csrfTokenRepository,
DataSource dataSource,
PasswordEncoder passwordEncoder,
OpenIdAuthenticationManager openIdAuthenticationManager,
UserRepository userRepository,
AuthorityRepository authorityRepository,
UserOrganizationRepository userOrganizationRepository,
OrganizationRepository organizationRepository) {
super(environment, userManager, recaptchaService, configurationManager, csrfTokenRepository,
dataSource, passwordEncoder, openIdAuthenticationManager, userRepository, authorityRepository,
userOrganizationRepository, organizationRepository);
}
Example #2
| Source File: AuthenticationHandler.java From blackduck-alert with Apache License 2.0 | 5 votes |
|
@Autowired
AuthenticationHandler(HttpPathManager httpPathManager, CsrfTokenRepository csrfTokenRepository, AlertProperties alertProperties, AuthorizationUtility authorizationUtility,
FilePersistenceUtil filePersistenceUtil, UserManagementAuthoritiesPopulator authoritiesPopulator,
ConfigurationAccessor configurationAccessor, AuthenticationDescriptorKey authenticationDescriptorKey, AuthenticationEventManager authenticationEventManager) {
this.httpPathManager = httpPathManager;
this.csrfTokenRepository = csrfTokenRepository;
this.alertProperties = alertProperties;
this.authorizationUtility = authorizationUtility;
this.filePersistenceUtil = filePersistenceUtil;
this.authoritiesPopulator = authoritiesPopulator;
this.configurationAccessor = configurationAccessor;
this.authenticationDescriptorKey = authenticationDescriptorKey;
this.authenticationEventManager = authenticationEventManager;
}
Example #3
| Source File: AuthenticationController.java From blackduck-alert with Apache License 2.0 | 5 votes |
|
@Autowired
public AuthenticationController(final LoginActions loginActions, final PasswordResetService passwordResetService, final ResponseFactory responseFactory, final CsrfTokenRepository csrfTokenRepository) {
this.loginActions = loginActions;
this.passwordResetService = passwordResetService;
this.responseFactory = responseFactory;
this.csrfTokenRepository = csrfTokenRepository;
}
Example #4
| Source File: WebSecurityConfig.java From alf.io with GNU General Public License v3.0 | 5 votes |
|
@Bean
public CsrfTokenRepository getCsrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setSessionAttributeName(CSRF_SESSION_ATTRIBUTE);
repository.setParameterName(CSRF_PARAM_NAME);
return repository;
}
Example #5
| Source File: WebSecurityConfig.java From alf.io with GNU General Public License v3.0 | 5 votes |
|
public FormBasedWebSecurity(Environment environment,
UserManager userManager,
RecaptchaService recaptchaService,
ConfigurationManager configurationManager,
CsrfTokenRepository csrfTokenRepository,
DataSource dataSource,
PasswordEncoder passwordEncoder,
UserRepository userRepository,
AuthorityRepository authorityRepository,
UserOrganizationRepository userOrganizationRepository,
OrganizationRepository organizationRepository) {
super(environment, userManager, recaptchaService, configurationManager,
csrfTokenRepository, dataSource, passwordEncoder, null,
userRepository, authorityRepository, userOrganizationRepository, organizationRepository);
}
Example #6
| Source File: UnieapSecurityConfig.java From open-capacity-platform with Apache License 2.0 | 4 votes |
|
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
Example #7
| Source File: AuthenticationUtils.java From Insights with Apache License 2.0 | 4 votes |
|
public CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName(AuthenticationUtils.CSRF_COOKIE_NAME);
return repository;
}
Example #8
| Source File: SecurityRestServiceImpl.java From jump-the-queue with Apache License 2.0 | 4 votes |
|
/**
* @param csrfTokenRepository the csrfTokenRepository to set
*/
@Inject
public void setCsrfTokenRepository(CsrfTokenRepository csrfTokenRepository) {
this.csrfTokenRepository = csrfTokenRepository;
}
Example #9
| Source File: WebSecurityBeansConfig.java From jump-the-queue with Apache License 2.0 | 4 votes |
|
/**
* This method provides a new instance of {@code CsrfTokenRepository}
*
* @return the newly created {@code CsrfTokenRepository}
*/
@Bean
public CsrfTokenRepository csrfTokenRepository() {
return new HttpSessionCsrfTokenRepository();
}
Example #10
| Source File: PlatformSecurityConfiguration.java From abixen-platform with GNU Lesser General Public License v2.1 | 4 votes |
|
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
Example #11
| Source File: SsoUiApplication.java From building-microservices with Apache License 2.0 | 4 votes |
|
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
Example #12
| Source File: PolymerDemoSpringSessionConfig.java From spring-polymer-demo with Artistic License 2.0 | 4 votes |
|
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
Example #13
| Source File: PolymerDemoOAuthConfig.java From spring-polymer-demo with Artistic License 2.0 | 4 votes |
|
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
Example #14
| Source File: CSRFConfig.java From tutorials with MIT License | 4 votes |
|
@Bean
@ConditionalOnMissingBean
public CsrfTokenRepository jwtCsrfTokenRepository() {
return new JWTCsrfTokenRepository(secretService.getHS256SecretBytes());
}
Example #15
| Source File: OAuthConfiguration.java From moserp with Apache License 2.0 | 2 votes |
|
/**
* Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
* rather than the default "X-CSRF-TOKEN" that Spring security expects.
* Hence we are now telling Spring security to expect the token in the
* "X-XSRF-TOKEN" header.<br><br>
*
* This customization is added to the <code>csrf()</code> filter.
*
* @return
*/
private CsrfTokenRepository getCSRFTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
return repository;
}
Example #16
| Source File: OAuthConfiguration.java From spring-boot-microservices with Apache License 2.0 | 2 votes |
|
/**
* Angular sends the CSRF token in a custom header named "X-XSRF-TOKEN"
* rather than the default "X-CSRF-TOKEN" that Spring security expects.
* Hence we are now telling Spring security to expect the token in the
* "X-XSRF-TOKEN" header.<br><br>
*
* This customization is added to the <code>csrf()</code> filter.
*
* @return
*/
private CsrfTokenRepository getCSRFTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName(CSRF_ANGULAR_HEADER_NAME);
return repository;
}
