下面列出了org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest#org.springframework.boot.autoconfigure.security.servlet.PathRequest 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Override
public void configure(WebSecurity web) throws Exception {
List<String> ignore = Arrays.asList("/health", "/actuator/**");
web.
ignoring()
.requestMatchers(PathRequest.toStaticResources().atCommonLocations())
.antMatchers(ignore.toArray(new String[0]))
.antMatchers("/api/**");
}
@Override protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeRequests()
/*
.requestMatchers()
.antMatchers("/actuator/health")
.permitAll()
*/
.requestMatchers(EndpointRequest.to("status", "info", "health"))
.permitAll()
.requestMatchers(PathRequest.toStaticResources().atCommonLocations())
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.disable()
.headers()
.frameOptions()
.sameOrigin()
.and()
.csrf()
.disable()
.httpBasic()
.and()
.logout()
.logoutUrl("/disconnect")
.clearAuthentication(true)
.invalidateHttpSession(true)
.permitAll()
;
// @formatter:on
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers(HttpMethod.GET, "/").permitAll()
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll().antMatchers("/login")
.permitAll().antMatchers("/signup").permitAll().antMatchers("/dashboard/**").hasAuthority("ADMIN")
.anyRequest().authenticated().and().csrf().disable().formLogin()
.successHandler(this.customizeAuthenticationSuccessHandler).loginPage("/login")
.failureUrl("/login?error=true").usernameParameter("email").passwordParameter("password").and().logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/").and()
.exceptionHandling();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().requestMatchers(EndpointRequest.to("health", "info")).permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll().antMatchers(HttpMethod.GET, "/ping").permitAll()
.antMatchers(HttpMethod.DELETE, "/**").hasRole("ADMIN").antMatchers("/**").hasRole("USER").and()
.httpBasic();
// H2 database console runs inside a frame, So we need to disable X-Frame-Options
// in Spring Security.
http.headers().frameOptions().disable();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.permitAll()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.loginPage("/login")
.permitAll()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.permitAll()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.loginPage("/login")
.permitAll()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.permitAll()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests((authorize) -> authorize
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.permitAll()
);
}
@Override
public void configure(WebSecurity web) {
web
.ignoring().requestMatchers(PathRequest.toH2Console());
}
@Override
public void configure(WebSecurity web) {
web
.ignoring().requestMatchers(PathRequest.toH2Console());
}