org.springframework.security.web.server.SecurityWebFilterChain Java Examples
The following examples show how to use
org.springframework.security.web.server.SecurityWebFilterChain.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityConfig.java From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License | 7 votes |
|
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeExchange()
.pathMatchers("/headerrouting/**").permitAll()
.pathMatchers("/actuator/**").permitAll()
.pathMatchers("/eureka/**").permitAll()
.pathMatchers("/oauth/**").permitAll()
.pathMatchers("/config/**").permitAll()
.anyExchange().authenticated()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
}
Example #2
| Source File: SecurityConfigure.java From FEBS-Cloud with Apache License 2.0 | 6 votes |
|
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http
.exceptionHandling()
.authenticationEntryPoint((s, e) -> Mono.fromRunnable(() -> s.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED)))
.accessDeniedHandler((s, e) -> Mono.fromRunnable(() -> s.getResponse().setStatusCode(HttpStatus.FORBIDDEN)))
.and()
.headers().frameOptions().disable()
.and()
.csrf().disable()
.formLogin().disable()
.httpBasic().disable()
.authenticationManager(authenticationManager)
.securityContextRepository(securityContextRepository)
.authorizeExchange()
.pathMatchers(HttpMethod.OPTIONS).permitAll()
.pathMatchers("/route/auth/**").authenticated()
.anyExchange().permitAll()
.and().build();
}
Example #3
| Source File: ReactiveSecurityApplication.java From training with Apache License 2.0 | 6 votes |
|
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity http) {
ReactiveAuthorizationManager<AuthorizationContext> auth =
(authentication, object) -> Mono.just(new AuthorizationDecision(object.getVariables().get("name").equals("rwinch")));
//@formatter:off
return
http
.authorizeExchange()
.pathMatchers("/greeting").authenticated()
.pathMatchers("/hi/{name}").access(auth)
.and()
.csrf()
.disable()
.httpBasic()
.and()
.build();
//@formatter:on
}
Example #4
| Source File: SecurityConfig.java From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License | 6 votes |
|
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeExchange()
.pathMatchers("/headerrouting/**").permitAll()
.pathMatchers("/actuator/**").permitAll()
.pathMatchers("/eureka/**").permitAll()
.pathMatchers("/oauth/**").permitAll()
.pathMatchers("/config/**").permitAll()
.anyExchange().authenticated()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
}
Example #5
| Source File: ReactiveConfig.java From errors-spring-boot-starter with Apache License 2.0 | 6 votes |
|
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,
ServerAccessDeniedHandler accessDeniedHandler,
ServerAuthenticationEntryPoint authenticationEntryPoint) {
return http
.csrf()
.accessDeniedHandler(accessDeniedHandler)
.and()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.accessDeniedHandler(accessDeniedHandler)
.and()
.authorizeExchange()
.pathMatchers(GET, "/test/protected").authenticated()
.pathMatchers(POST, "/test/protected").hasRole("ADMIN")
.anyExchange().permitAll()
.and().build();
}
Example #6
| Source File: WebSecurityConfig.java From spring-boot-webflux-jjwt with Apache License 2.0 | 6 votes |
|
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http
.exceptionHandling()
.authenticationEntryPoint((swe, e) -> {
return Mono.fromRunnable(() -> {
swe.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
});
}).accessDeniedHandler((swe, e) -> {
return Mono.fromRunnable(() -> {
swe.getResponse().setStatusCode(HttpStatus.FORBIDDEN);
});
}).and()
.csrf().disable()
.formLogin().disable()
.httpBasic().disable()
.authenticationManager(authenticationManager)
.securityContextRepository(securityContextRepository)
.authorizeExchange()
.pathMatchers(HttpMethod.OPTIONS).permitAll()
.pathMatchers("/login").permitAll()
.anyExchange().authenticated()
.and().build();
}
Example #7
| Source File: SecurityConfig.java From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License | 6 votes |
|
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeExchange()
.pathMatchers("/headerrouting/**").permitAll()
.pathMatchers("/actuator/**").permitAll()
.pathMatchers("/eureka/**").permitAll()
.pathMatchers("/oauth/**").permitAll()
.pathMatchers("/config/**").permitAll()
.anyExchange().authenticated()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
}
Example #8
| Source File: SecurityConfig.java From spring-security-samples with MIT License | 6 votes |
|
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http,
ReactiveClientRegistrationRepository clientRegistrationRepository) {
// Authenticate through configured OpenID Provider
http.oauth2Login();
// Also logout at the OpenID Connect provider
http.logout(logout -> logout.logoutSuccessHandler(new OidcClientInitiatedServerLogoutSuccessHandler(
clientRegistrationRepository)));
// Require authentication for all requests
http.authorizeExchange().anyExchange().authenticated();
// Allow showing /home within a frame
http.headers().frameOptions().mode(Mode.SAMEORIGIN);
// Disable CSRF in the gateway to prevent conflicts with proxied service CSRF
http.csrf().disable();
return http.build();
}
Example #9
| Source File: SecurityConfig.java From spring-security-samples with MIT License | 6 votes |
|
@Bean
public SecurityWebFilterChain securityWebFilterChain() {
// the matcher for all paths that need to be secured (require a logged-in user)
final ServerWebExchangeMatcher apiPathMatcher = pathMatchers(API_MATCHER_PATH);
// default chain for all requests
final ServerHttpSecurity http = this.context.getBean(ServerHttpSecurity.class);
return http
.authorizeExchange().matchers(apiPathMatcher).authenticated()
.anyExchange().permitAll()
.and().httpBasic().disable()
.csrf().disable()
.oauth2Client()
.and()
.oauth2Login()
.and()
.build();
}
Example #10
| Source File: SecurityConfig.java From Hands-On-Microservices-with-Spring-Boot-and-Spring-Cloud with MIT License | 6 votes |
|
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeExchange()
.pathMatchers("/headerrouting/**").permitAll()
.pathMatchers("/actuator/**").permitAll()
.pathMatchers("/eureka/**").permitAll()
.pathMatchers("/oauth/**").permitAll()
.pathMatchers("/config/**").permitAll()
.anyExchange().authenticated()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
}
Example #11
| Source File: SecurityConfig.java From spring-5-examples with MIT License | 6 votes |
|
@Bean SecurityWebFilterChain springSecurityFilterChain(final ServerHttpSecurity http) {
http
.authorizeExchange()
.pathMatchers("/favicon.ico", "/css/**", "/webjars/**")
.permitAll()
.anyExchange()
.authenticated()
.and()
.httpBasic()
.and()
.formLogin()
.and()
.logout()
;
return http.build();
}
Example #12
| Source File: SecurityConfiguration.java From webFluxTemplate with MIT License | 6 votes |
|
@Bean
public SecurityWebFilterChain springSecurityFilterChain(final ServerHttpSecurity http,
final JwtAuthenticationWebFilter authenticationWebFilter,
final UnauthorizedAuthenticationEntryPoint entryPoint) {
// We must override AuthenticationEntryPoint because if AuthenticationWebFilter didn't kicked in
// (i.e. there are no required headers) then default behavior is to display HttpBasicAuth,
// so we just return unauthorized to override it.
// Filter tries to authenticate each request if it contains required headers.
// Finally, we disable all default security.
http
.exceptionHandling()
.authenticationEntryPoint(entryPoint)
.and()
.addFilterAt(authenticationWebFilter, SecurityWebFiltersOrder.AUTHENTICATION)
.authorizeExchange()
.pathMatchers(AUTH_WHITELIST).permitAll()
.anyExchange().authenticated()
.and()
.httpBasic().disable()
.formLogin().disable()
.csrf().disable()
.logout().disable();
return http.build();
}
Example #13
| Source File: SecurityConfiguration.java From Learning-Spring-Boot-2.0-Second-Edition with MIT License | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(HttpSecurity http) {
return http
.authorizeExchange()
.pathMatchers("/**").authenticated()
.and()
.build();
}
Example #14
| Source File: SecurityConfiguration.java From cloud-security-xsuaa-integration with Apache License 2.0 | 5 votes |
|
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
http.authorizeExchange()
.pathMatchers("/v1/sayHello").hasAuthority("Read")
.and().oauth2ResourceServer().jwt()
.jwtAuthenticationConverter(getJwtAuthenticationConverter())
.jwtDecoder(new XsuaaJwtDecoderBuilder(xsuaaServiceConfiguration)
.withPostValidationActions(token -> logger.info("post validation action performed"))
.buildAsReactive());
return http.build();
}
Example #15
| Source File: SecurityConfig.java From spring-reactive-sample with GNU General Public License v3.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange()
.pathMatchers(HttpMethod.GET, "/posts/**").permitAll()
.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")
//.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
.anyExchange().authenticated()
.and()
.build();
}
Example #16
| Source File: DemoApplication.java From spring-reactive-sample with GNU General Public License v3.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange()
.pathMatchers(HttpMethod.GET, "/posts/**").permitAll()
.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")
.pathMatchers("/posts/**").authenticated()
//.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
.anyExchange().permitAll()
.and()
.build();
}
Example #17
| Source File: SecurityConfiguration.java From Learning-Spring-Boot-2.0-Second-Edition with MIT License | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(HttpSecurity http) {
return http
.authorizeExchange()
.pathMatchers("/**").authenticated()
.and()
.build();
}
Example #18
| Source File: SecurityConfiguration.java From Learning-Spring-Boot-2.0-Second-Edition with MIT License | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain() {
return HttpSecurity.http()
.securityContextRepository(
new WebSessionSecurityContextRepository())
.authorizeExchange()
.anyExchange().authenticated()
.and()
.build();
}
Example #19
| Source File: SecurityConfig.java From spring-reactive-sample with GNU General Public License v3.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange()
.pathMatchers(HttpMethod.GET, "/posts/**").permitAll()
.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")
//.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
.anyExchange().authenticated()
.and()
.build();
}
Example #20
| Source File: ResourceServerConfiguration.java From microservices-platform with Apache License 2.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
//认证处理器
ReactiveAuthenticationManager customAuthenticationManager = new CustomAuthenticationManager(tokenStore);
JsonAuthenticationEntryPoint entryPoint = new JsonAuthenticationEntryPoint();
//token转换器
ServerBearerTokenAuthenticationConverter tokenAuthenticationConverter = new ServerBearerTokenAuthenticationConverter();
tokenAuthenticationConverter.setAllowUriQueryParameter(true);
//oauth2认证过滤器
AuthenticationWebFilter oauth2Filter = new AuthenticationWebFilter(customAuthenticationManager);
oauth2Filter.setServerAuthenticationConverter(tokenAuthenticationConverter);
oauth2Filter.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
oauth2Filter.setAuthenticationSuccessHandler(new Oauth2AuthSuccessHandler());
http.addFilterAt(oauth2Filter, SecurityWebFiltersOrder.AUTHENTICATION);
ServerHttpSecurity.AuthorizeExchangeSpec authorizeExchange = http.authorizeExchange();
if (securityProperties.getAuth().getHttpUrls().length > 0) {
authorizeExchange.pathMatchers(securityProperties.getAuth().getHttpUrls()).authenticated();
}
if (securityProperties.getIgnore().getUrls().length > 0) {
authorizeExchange.pathMatchers(securityProperties.getIgnore().getUrls()).permitAll();
}
authorizeExchange
.pathMatchers(HttpMethod.OPTIONS).permitAll()
.anyExchange()
.access(permissionAuthManager)
.and()
.exceptionHandling()
.accessDeniedHandler(new JsonAccessDeniedHandler())
.authenticationEntryPoint(entryPoint)
.and()
.headers()
.frameOptions()
.disable()
.and()
.httpBasic().disable()
.csrf().disable();
return http.build();
}
Example #21
| Source File: ReservationClientApplication.java From training with Apache License 2.0 | 5 votes |
|
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity security) {
//@formatter:off
return
security
.csrf().disable()
.httpBasic()
.and()
.authorizeExchange()
.pathMatchers("/proxy").authenticated()
.anyExchange().permitAll()
.and()
.build();
//@formatter:on
}
Example #22
| Source File: TweetClientApplication.java From reactive-spring-online-training with Apache License 2.0 | 5 votes |
|
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity http) {
http.httpBasic();
http.csrf().disable();
http
.authorizeExchange()
.pathMatchers("/proxy").authenticated()
.anyExchange().permitAll();
return http.build();
}
Example #23
| Source File: SpringSecurityWebReactiveEndpointsBootstrap.java From thinking-in-spring-boot-samples with Apache License 2.0 | 5 votes |
|
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http.securityMatcher(EndpointRequest.toAnyEndpoint())
.authorizeExchange()
.anyExchange()
.hasRole("ENDPOINT_ADMIN")
.and().httpBasic()
.and().build();
}
Example #24
| Source File: SecurityConfig.java From spring-5-examples with MIT License | 5 votes |
|
/**
* Authorization
*/
@Bean
SecurityWebFilterChain springWebFilterChain(HttpSecurity http) throws Exception {
return http
.authorizeExchange()
.pathMatchers("/all/{usernamePathVariable}").access(this::currentUserMatchesRoleAndPath)
.pathMatchers("/first").access(this::currentUserMatchesRole)
.pathMatchers("/**").hasRole(ROLE_ADMIN)
.anyExchange().authenticated()
.and()
////not necessary, already injected
//.authenticationManager(reactiveAuthenticationManager(userDetailsRepository()))
.build();
}
Example #25
| Source File: SecurityConfig.java From pivotal-bank-demo with Apache License 2.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.csrf().disable()
.authorizeExchange()
.anyExchange().permitAll()
.and()
.build();
}
Example #26
| Source File: SpringBootActuatorEndpointsBootstrap.java From thinking-in-spring-boot-samples with Apache License 2.0 | 5 votes |
|
/**
* 由于当前工程依赖 org.springframework.security:spring-security-web 的缘故,
* BASIC 验证需要显示地关闭
*
* @param http {@link ServerHttpSecurity}
* @return {@link SecurityWebFilterChain}
*/
@Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http.securityMatcher(EndpointRequest.toAnyEndpoint())
.httpBasic().disable() // 关闭 BASIC 验证
.build();
}
Example #27
| Source File: SecurityConfig.java From spring-reactive-sample with GNU General Public License v3.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange()
//.pathMatchers(HttpMethod.GET, "/posts/**").permitAll()
//.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")
//.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
.anyExchange().authenticated()
.and()
.build();
}
Example #28
| Source File: TestSecurityConfiguration.java From Hands-On-Reactive-Programming-in-Spring-5 with MIT License | 5 votes |
|
@Bean
@Primary
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http
.authorizeExchange()
.anyExchange().permitAll()
.and()
.formLogin()
.and()
.csrf().disable()
.build();
}
Example #29
| Source File: SecurityConfiguration.java From Hands-On-Reactive-Programming-in-Spring-5 with MIT License | 5 votes |
|
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange()
.anyExchange().permitAll()
.and()
.formLogin();
return http.build();
}
Example #30
| Source File: DemoApplication.java From spring-reactive-sample with GNU General Public License v3.0 | 5 votes |
|
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange()
.pathMatchers(HttpMethod.GET, "/posts/**").permitAll()
.pathMatchers(HttpMethod.DELETE, "/posts/**").hasRole("ADMIN")
//.pathMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
.anyExchange().authenticated()
.and()
.build();
}
