Example usage for org.springframework.security.config.annotation.web.builders HttpSecurity logout

List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity logout

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.annotation.web.builders.*
  5. HttpSecurity
  6. logout

Introduction

In this page you can find the example usage for org.springframework.security.config.annotation.web.builders HttpSecurity logout.

Prototype

public LogoutConfigurer<HttpSecurity> logout() throws Exception

Source Link

Document

Provides logout support.

Usage

From source file:shiver.me.timbers.spring.security.integration.JwtAnnotationSecurityConfiguration.java

@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.antMatcher("/jwt/**");
    http.csrf().disable();/*ww  w .  j  a v a2s  .  com*/
    http.authorizeRequests().antMatchers("/jwt/one").access("hasRole('ONE')").antMatchers("/jwt/two")
            .access("hasRole('TWO')").anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/jwt/signIn")
            .permitAll();
    http.logout().logoutUrl("/jwt/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}

From source file:cn.org.once.cstack.config.SecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    // Login Form
    http.formLogin().loginProcessingUrl("/user/authentication").successHandler(ajaxAuthenticationSuccessHandler)
            .failureHandler(ajaxAuthenticationFailureHandler).usernameParameter("j_username")
            .passwordParameter("j_password").permitAll();

    // Logout//from  ww w.  j  ava  2s .  c om
    http.logout().logoutUrl("/user/logout").logoutSuccessHandler(ajaxLogoutSuccessHandler)
            .deleteCookies("JSESSIONID", "XSRF-TOKEN", "isLogged").invalidateHttpSession(true).permitAll();

    // CSRF protection
    // enable for any profils
    activateProtectionCRSF(http);
    // enable for any profils
    disableProtectionCRSF(http);

    // Routes security
    http.authorizeRequests().antMatchers("/gitlab/**").permitAll().antMatchers("/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").and().exceptionHandling()
            .authenticationEntryPoint(authenticationEntryPoint);
    if ("true".equals(System.getProperty("httpsOnly"))) {
        logger.info("launching the application in HTTPS-only mode");
        http.requiresChannel().anyRequest().requiresSecure();
    }
}

From source file:shiver.me.timbers.spring.security.integration.JwtApplySecurityConfiguration.java

@Override
protected final void configure(HttpSecurity http) throws Exception {
    http.sessionManagement().sessionCreationPolicy(STATELESS);
    http.apply(jwt());//from ww  w .  j  a  v  a  2  s.  c  o  m
    http.antMatcher("/jwt/**");
    http.csrf().disable();
    http.authorizeRequests().antMatchers("/jwt/one").access("hasRole('ONE')").antMatchers("/jwt/two")
            .access("hasRole('TWO')").anyRequest().authenticated();
    http.formLogin().successHandler(new NoRedirectAuthenticationSuccessHandler()).loginPage("/jwt/signIn")
            .permitAll();
    http.logout().logoutUrl("/jwt/signOut").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler());
    http.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
}

From source file:fr.treeptik.cloudunit.config.SecurityConfiguration.java

@Override
protected void configure(HttpSecurity http) throws Exception {

    // Login Form
    http.formLogin().loginProcessingUrl("/user/authentication").successHandler(ajaxAuthenticationSuccessHandler)
            .failureHandler(ajaxAuthenticationFailureHandler).usernameParameter("j_username")
            .passwordParameter("j_password").permitAll();

    // Logout//w  ww  .j  a v  a  2s  . c  om
    http.logout().logoutUrl("/user/logout").logoutSuccessHandler(ajaxLogoutSuccessHandler)
            .deleteCookies("JSESSIONID", "XSRF-TOKEN", "isLogged").invalidateHttpSession(true).permitAll();

    // CSRF protection
    // enable for any profils
    activateProtectionCRSF(http);
    // enable for any profils
    disableProtectionCRSF(http);

    // Routes security
    http.authorizeRequests().antMatchers("/application/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN")
            .antMatchers("/server/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/module/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/file/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/image/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/user/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/logs/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/snapshot/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/monitoring/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/messages/**")
            .hasAnyAuthority("ROLE_USER", "ROLE_ADMIN").antMatchers("/admin/**").hasAnyAuthority("ROLE_ADMIN")
            .antMatchers("/user/check", "/nopublic/**").permitAll().and().exceptionHandling()
            .authenticationEntryPoint(authenticationEntryPoint);

    if ("true".equals(System.getProperty("httpsOnly"))) {
        logger.info("launching the application in HTTPS-only mode");
        http.requiresChannel().anyRequest().requiresSecure();
    }
}

From source file:com.miserablemind.butter.security.WebSecurityContext.java

/**
 * Main configuration method that defines the protected pages, log in form parameters, remember me and access {@link AccessDeniedHandler}.
 *
 * @param http A {@link HttpSecurity}. It is similar to Spring Security's XML &lt;http&gt; element in the namespace configuration.
 * @throws Exception//from   www  .j  av a 2  s .  co  m
 */
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/login", "/signup", "/error/**", "/reset-password/**",
            "/forgot-password/**", "/js/**", "/img/**", "/css/**").permitAll().anyRequest()
            .access("hasRole('ROLE_USER')");

    http.formLogin().loginPage("/login").failureUrl("/login?error=true").passwordParameter("password")
            .usernameParameter("username").loginProcessingUrl("/login-submit").defaultSuccessUrl("/");

    http.csrf().disable();

    http.logout().invalidateHttpSession(true).logoutUrl("/logout-success");

    http.rememberMe().key(this.configSystem.getRememberMeKey()).rememberMeServices(this.rememberMeServices());
    http.exceptionHandling().accessDeniedHandler(this.accessDeniedHandler);
}

From source file:ch.javaee.basicMvc.config.SecurityConfig.java

/**
 * @param http//www . j a v a 2s  . c om
 * @throws Exception
 */

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/users**", "/sessions/**").hasRole("ADMIN") //
            // everybody can access the main page ("/") and the signup page ("/signup")
            .antMatchers("/assets/**", "/", "/login", "/signup", "/public/**").permitAll().anyRequest()
            .hasRole("USER")

    ;
    FormLoginConfigurer formLoginConfigurer = http.formLogin();
    formLoginConfigurer.loginPage("/login").failureUrl("/login/failure").defaultSuccessUrl("/login/success")
            .permitAll();
    LogoutConfigurer logoutConfigurer = http.logout();
    logoutConfigurer.logoutUrl("/logout").logoutSuccessUrl("/logout/success");
}

From source file:jp.pigumer.sso.WebSecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();// w  w w .ja va  2  s. com
    http.authorizeRequests().antMatchers("/", "/saml/**").permitAll().anyRequest().authenticated();
    http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class).addFilterAfter(samlFilter(),
            BasicAuthenticationFilter.class);
    http.logout().logoutSuccessUrl("/");

}

From source file:com.vdenotaris.spring.boot.security.saml.web.config.WebSecurityConfig.java

/**
 * Defines the web based security configuration.
 * //  w ww . j  av  a  2 s  .  co m
 * @param   http It allows configuring web based security for specific http requests.
 * @throws  Exception 
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class).addFilterAfter(samlFilter(),
            BasicAuthenticationFilter.class);
    http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/error").permitAll()
            .antMatchers("/saml/**").permitAll().anyRequest().authenticated();
    http.logout().logoutSuccessUrl("/");
}

From source file:com.naveen.demo.config.Saml2SSOConfig.java

/**
  * Defines the web based security configuration.
  * /*from   w w w  . jav  a2  s . c om*/
  * @param   http It allows configuring web based security for specific http requests.
  * @throws  Exception 
  */
@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/js/**", "/libs/**", "/login**").permitAll();

    http.httpBasic().authenticationEntryPoint(samlEntryPoint());
    http.csrf().disable();
    http.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class).addFilterAfter(samlFilter(),
            BasicAuthenticationFilter.class);

    http.antMatcher("/login/**").authorizeRequests().anyRequest().authenticated();

    /* http        
    .authorizeRequests()
    .antMatchers("/").permitAll()
    .antMatchers("/error").permitAll()
    .antMatchers("/saml/**").permitAll()
    .anyRequest().authenticated();*/

    http.logout().logoutSuccessUrl("/");
}

From source file:org.smigo.user.authentication.SecurityConfig.java

@Override
protected void configure(HttpSecurity http) throws Exception {
    /*/*from   www. j  a  v a 2  s  .  c o  m*/
            HttpSessionSecurityContextRepository repository = new HttpSessionSecurityContextRepository();
            repository.setDisableUrlRewriting(false);
            http.securityContext().securityContextRepository(repository);
    */
    http.authorizeRequests().anyRequest().permitAll();

    FormLoginConfigurer<HttpSecurity> formLogin = http.formLogin();
    formLogin.loginPage("/login");
    formLogin.loginProcessingUrl("/login");
    formLogin.failureHandler(restAuthenticationFailureHandler);
    formLogin.successHandler(emptyAuthenticationSuccessHandler);

    final SpringSocialConfigurer springSocialConfigurer = new SpringSocialConfigurer();
    springSocialConfigurer.postLoginUrl("/garden-planner");
    http.apply(springSocialConfigurer);

    RememberMeConfigurer<HttpSecurity> rememberMe = http.rememberMe();
    rememberMe.userDetailsService(customUserDetailsService);
    rememberMe.tokenValiditySeconds(Integer.MAX_VALUE);
    rememberMe.tokenRepository(persistentTokenRepository());

    LogoutConfigurer<HttpSecurity> logout = http.logout();
    logout.invalidateHttpSession(true);
    logout.logoutUrl("/logout");
    logout.logoutSuccessUrl("/welcome-back");

    CsrfConfigurer<HttpSecurity> csrf = http.csrf();
    csrf.disable();

    OpenIDLoginConfigurer<HttpSecurity> openidLogin = http.openidLogin();
    openidLogin.loginPage("/login");
    openidLogin.loginProcessingUrl("/login-openid");
    openidLogin.authenticationUserDetailsService(openIdUserDetailsService);
    openidLogin.permitAll();
    openidLogin.defaultSuccessUrl("/garden-planner");
    //      openidLogin.attributeExchange("https://www.google.com/.*").attribute("axContactEmail").type("http://axschema.org/contact/email").required(true);
}