@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            .antMatchers("/login/**","/oauth/**").permitAll()
            // 监控端点内部放行
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage("/login").permitAll()
            .and()
            .logout().permitAll()
            // /logout退出清除cookie
            .addLogoutHandler(new CookieClearingLogoutHandler("token", "remember-me"))
            .logoutSuccessHandler(new LogoutSuccessHandler())
            .and()
            // 认证鉴权错误处理,为了统一异常处理。每个资源服务器都应该加上。
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable()
            // 禁用httpBasic
            .httpBasic().disable();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            // 监控端点内部放行
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            // fegin访问或无需身份认证
            .antMatchers(
                    "/generate/**"
            ).permitAll()
            .anyRequest().authenticated()
            .and()
            //认证鉴权错误处理,为了统一异常处理。每个资源服务器都应该加上。
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            .antMatchers("/login/**","/oauth/**").permitAll()
            // 监控端点内部放行
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage("/login").permitAll()
            .and()
            .logout().permitAll()
            // /logout退出清除cookie
            .addLogoutHandler(new CookieClearingLogoutHandler("token", "remember-me"))
            .logoutSuccessHandler(new LogoutSuccessHandler())
            .and()
            // 认证鉴权错误处理,为了统一异常处理。每个资源服务器都应该加上。
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable()
            // 禁用httpBasic
            .httpBasic().disable();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            // 指定监控可访问权限
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
            //认证鉴权错误处理,为了统一异常处理。每个资源服务器都应该加上。
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            // 指定监控访问权限
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
            //认证鉴权错误处理
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            .antMatchers(
                    "/email/**",
                    "/sms/**",
                    "/webhook/**"
            ).permitAll()
            // 指定监控访问权限
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
            //认证鉴权错误处理
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable();
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .antMatchers("/", "/registration","/hystrix.stream").permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/login")
            .loginProcessingUrl("/login")
            .permitAll()
            .and()
        .logout()
        .logoutSuccessHandler(logoutSuccessHandler)
            .permitAll();
}
 

protected void configure(HttpSecurity http) throws Exception {

            http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .csrf()
                .disable();

            http
                .requestMatcher(new ActuatorRequestMatcher())
                .authorizeRequests()
                .requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated()
                .requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN)
                .and().httpBasic();
        }
 

protected void configure(HttpSecurity http) throws Exception {

            http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .csrf()
                .disable();

            http
                .requestMatcher(new ActuatorRequestMatcher())
                .authorizeRequests()
                .requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated()
                .requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN)
                .and().httpBasic();
        }
 

@Override
protected void configure(HttpSecurity http) throws Exception {

    http
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .csrf()
        .disable();

    http
        .requestMatcher(new ActuatorRequestMatcher())
        .authorizeRequests()
        .requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated()
        .requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN)
        .and().httpBasic();
}
 

protected void configure(HttpSecurity http) throws Exception {

            http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .csrf()
                .disable();

            http
                .requestMatcher(new ActuatorRequestMatcher())
                .authorizeRequests()
                .requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated()
                .requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN)
                .and().httpBasic();
        }
 

@Override
protected void configure(final HttpSecurity http) throws Exception {

    // @formatter:off
    
    http
        .csrf().disable()
        .requestMatcher(EndpointRequest.toAnyEndpoint())
        .authorizeRequests()
            // Permit access to health check
            .requestMatchers(EndpointRequest.to("health")).permitAll()
            // Require authorization for everthing else
            .anyRequest().hasRole("SYSADMIN")
        .and()
        .httpBasic().authenticationEntryPoint(actuatorAuthenticationEntryPoint())
        .and()
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS); 
    
    // @formatter:on

}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .requestMatcher(EndpointRequest.to("health", "info"))
            .authorizeRequests()
            .anyRequest()
            .permitAll();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .authorizeRequests()
            // 监控端点内部放行
            .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            // fegin访问或无需身份认证
            .antMatchers(
                    "/authority/access",
                    "/authority/app",
                    "/app/*/info",
                    "/app/client/*/info",
                    "/gateway/api/**",
                    "/user/add/thirdParty",
                    "/user/info",
                    "/user/login",
                    "/developer/add/thirdParty",
                    "/developer/info",
                    "/developer/login"
            ).permitAll()
            .anyRequest().authenticated()
            .and()
            //认证鉴权错误处理,为了统一异常处理。每个资源服务器都应该加上。
            .exceptionHandling()
            .accessDeniedHandler(new OpenAccessDeniedHandler())
            .authenticationEntryPoint(new OpenAuthenticationEntryPoint())
            .and()
            .csrf().disable();
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http
    .requestMatcher(EndpointRequest.toAnyEndpoint().excluding("health", "info"))
    .authorizeRequests()
      .anyRequest().hasRole("ADMIN")
      
    .and()
  
    .httpBasic();
  // @formatter:on
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http
    .requestMatcher(EndpointRequest.toAnyEndpoint().excluding("health", "info"))
    .authorizeRequests()
      .anyRequest().hasRole("ADMIN")
      
    .and()
  
    .httpBasic();
  // @formatter:on
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http
    .requestMatcher(EndpointRequest.toAnyEndpoint().excluding("health", "info"))
    .authorizeRequests()
      .anyRequest().hasRole("ADMIN")
      
    .and()
  
    .httpBasic();
  // @formatter:on
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
  // @formatter:off
  http
    .requestMatcher(EndpointRequest.toAnyEndpoint().excluding("health", "info"))
    .authorizeRequests()
      .anyRequest().hasRole("ADMIN")
      
    .and()
  
    .httpBasic();
  // @formatter:on
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
       http
           .requestMatcher(EndpointRequest.toAnyEndpoint())
               .authorizeRequests()
                   .requestMatchers(EndpointRequest.to(HealthEndpoint.class)).permitAll()
           .anyRequest().authenticated()
           .and()
           .httpBasic();
	}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.requestMatcher(EndpointRequest.toAnyEndpoint())
            .authorizeRequests().anyRequest().hasRole("ENDPOINT_ADMIN")
            .and()
            .httpBasic();
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
	http.anonymous().and().antMatcher("/user").authorizeRequests()
	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
	.and()
       .csrf()
       .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
	http.anonymous().and().antMatcher("/user").authorizeRequests()
	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
	.and()
       .csrf()
       .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
	http.anonymous().and().antMatcher("/user").authorizeRequests()
	
	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        antMatchers("/actuator/**").permitAll().
        anyRequest().authenticated()
	.and()
       .csrf()
       .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
       .ignoringAntMatchers("/instances", "/actuator/**");
}
 

@Override
  protected void configure(HttpSecurity http) throws Exception {
  	http.authorizeRequests().anyRequest().authenticated()
  	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
      antMatchers("/actuator/**").permitAll().anyRequest().authenticated();
http.formLogin().loginPage("/login").permitAll();
http.logout().clearAuthentication(true)
      .logoutSuccessUrl("/")
      .logoutUrl("/logout-session")
      .deleteCookies("JSESSIONID")
      .invalidateHttpSession(true);
http.requestMatchers().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access", "/implicit/redirect");
http.authorizeRequests().antMatchers("/oauth/authorize").authenticated().anyRequest().authenticated();
http.csrf().ignoringAntMatchers("/instances", "/actuator/**");
  }
 

@Override
public void configure(HttpSecurity http) throws Exception {
	http.anonymous().and().antMatcher("/user").authorizeRequests()
	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
	.and()
       .csrf()
       .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
 

@Override
public void configure(HttpSecurity http) throws Exception {
	http.anonymous().and().antMatcher("/user").authorizeRequests()
	.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll().
        antMatchers(AUTH_WHITELIST).permitAll().
        anyRequest().authenticated()
	.and()
       .csrf()
       .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().and()
            .authorizeRequests()
            .requestMatchers(EndpointRequest.to("info", "health")).permitAll()
            .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("SYSTEM")
            .antMatchers("/**").hasRole("USER");

}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .requestMatchers(EndpointRequest.to("info")).permitAll()
            .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR");
}
 

@Override
protected void configure(HttpSecurity http) throws Exception {
	// @formatter:off
	http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests().anyRequest().authenticated().and()
			.httpBasic();
	// @formatter:on
}
 

@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        .cors()
        .and()
        .csrf()
        .disable()
        .authorizeRequests()
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll(); // Disabling actuation security
}