Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity httpBasic

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity httpBasic

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.annotation.web.builders.*
  5. HttpSecurity
  6. httpBasic

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity httpBasic.

Prototype

public HttpBasicConfigurer<HttpSecurity> httpBasic() throws Exception

Source Link

Document

Configures HTTP Basic authentication.

Usage

From source file:com.netflix.genie.web.security.saml.SAMLConfig.java

/**
 * Defines the web based security configuration.
 *
 * @param http It allows configuring web based security for specific http requests.
 * @throws Exception on any error//from  w w w.j a  v  a  2  s. c o  m
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // @formatter:off
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class).addFilterAfter(samlFilter(),
            BasicAuthenticationFilter.class);
    http.antMatcher("/**").authorizeRequests().antMatchers("/actuator/**").permitAll().antMatchers("/api/**")
            .permitAll().antMatchers("/error").permitAll().antMatchers("/saml/**").permitAll().anyRequest()
            .authenticated().and().x509().authenticationUserDetailsService(this.x509UserDetailsService);
    http.logout().logoutSuccessUrl("/");
    // @formatter:on
}

From source file:com.netflix.genie.security.saml.SAMLConfig.java

/**
 * Defines the web based security configuration.
 *
 * @param http It allows configuring web based security for specific http requests.
 * @throws Exception on any error/*from  w  w w  . j a  va 2  s.co m*/
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // @formatter:off
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class).addFilterAfter(samlFilter(),
            BasicAuthenticationFilter.class);
    http.antMatcher("/**").authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
            .antMatchers("/api/**").permitAll().antMatchers("/error").permitAll().antMatchers("/saml/**")
            .permitAll().anyRequest().authenticated().and().x509()
            .authenticationUserDetailsService(this.x509UserDetailsService);
    http.logout().logoutSuccessUrl("/");
    // @formatter:on
}

From source file:org.vaadin.spring.samples.mvp.security.config.HttpSecurityConfigurer.java

void configure(Environment env, ApplicationContext context, HttpSecurity http) throws Exception {
    // all requests are authenticated
    http.authorizeRequests().antMatchers("/VAADIN/**", "/PUSH/**", "/UIDL/**", "/login", "/login/**")
            .permitAll().antMatchers("/**").fullyAuthenticated().and()
            // Vaadin chokes if this filter is enabled, disable it!
            .csrf().disable();//from   w w  w  . j a  v  a 2  s  .co m

    // have UI peacefully coexist with Apache CXF web-services
    String id = env.getProperty("app.security.scheme", Scheme.BASIC.id());
    Scheme scheme = Scheme.fromValue(id);
    switch (scheme) {
    case FORM:
        http.formLogin().failureUrl("/login?error").defaultSuccessUrl("/ui").permitAll().and().logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login")
                .permitAll();
        break;
    case BASIC:
        http.httpBasic();
        break;
    case DIGEST:
        // @see http://java.dzone.com/articles/basic-and-digest
        http.httpBasic();
        http.addFilterAfter(context.getBean(DigestAuthenticationFilter.class), BasicAuthenticationFilter.class);
        break;
    }

    // TODO plumb custom HTTP 403 and 404 pages
    /* http.exceptionHandling().accessDeniedPage("/access?error"); */
}

From source file:org.opentestsystem.ap.iat.config.SecurityConfig.java

/**
 * Defines the web based security configuration.
 *
 * @param http It allows configuring web based security for specific http requests.
 * @throws Exception//from ww w  . j  a va2 s.co m
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(forwardedHeaderFilter(), ChannelProcessingFilter.class)
            .addFilterAfter(metadataGeneratorFilter(), ForwardedHeaderFilter.class)
            .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
    http.headers().frameOptions().sameOrigin();
    http.authorizeRequests()
            .antMatchers("/saml/**", "/manage/**/health**", "/manage/**/info**", "/assets/**", "**.js",
                    "favicon.**", "/fontawesome**", "/glyphicons**", "/api/sec/**", "/api/ivs/**",
                    "/error/403.html", "/keepalive")
            .permitAll();
    http.authorizeRequests().antMatchers("/**").hasAnyRole("ADMIN", "USER");
    http.logout().logoutSuccessUrl("/");

    http.exceptionHandling().accessDeniedHandler(accessDeniedHandler());
}