org.springframework.security.config.annotation.web.configurers.CsrfConfigurer Java Examples

The following examples show how to use org.springframework.security.config.annotation.web.configurers.CsrfConfigurer. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DefaultMethodSecurityConfigurer.java    From onetwo with Apache License 2.0 6 votes vote down vote up 
protected void configureCsrf(HttpSecurity http) throws Exception{
	CsrfConfigurer<HttpSecurity> csrf = http.csrf();
	if(securityConfig.getCsrf().isDisable()){
		csrf.disable();
		http.headers().frameOptions().disable();
		return ;
	}
	if(ArrayUtils.isNotEmpty(securityConfig.getCsrf().getIgnoringPaths())){
		csrf.ignoringAntMatchers(securityConfig.getCsrf().getIgnoringPaths());
	}
	if(ArrayUtils.isNotEmpty(securityConfig.getCsrf().getRequirePaths())){
		csrf.requireCsrfProtectionMatcher(MatcherUtils.matchAntPaths(securityConfig.getCsrf().getRequirePaths()));
	}else{
		csrf.requireCsrfProtectionMatcher(IgnoreCsrfProtectionRequestUrlMatcher.ignoreUrls("/login*"));
	}
}
Example #2
Source File: HttpSecurity.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 4 votes vote down vote up 
public CsrfConfigurer csrf() throws Exception {
    return new CsrfConfigurer();
}