Add noformat blocks around http config
Find `http` config using a regex search of `^\s*https*$` and protect them against formatting. Issue gh-8945
This commit is contained in:
parent
27ac046d8a
commit
103d822e46
|
@ -357,18 +357,18 @@ public abstract class WebSecurityConfigurerAdapter implements
|
|||
* @param http the {@link HttpSecurity} to modify
|
||||
* @throws Exception if an error occurs
|
||||
*/
|
||||
// @formatter:off
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin().and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
/**
|
||||
* Gets the ApplicationContext
|
||||
|
|
|
@ -169,17 +169,17 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>> extends
|
|||
return this;
|
||||
}
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
public void init(H http) {
|
||||
PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider();
|
||||
authenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http));
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authenticationProvider(authenticationProvider)
|
||||
.setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
@Override
|
||||
public void configure(H http) {
|
||||
|
|
|
@ -96,16 +96,20 @@ class WebFluxSecurityConfiguration {
|
|||
* @return
|
||||
*/
|
||||
private SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeExchange()
|
||||
.anyExchange().authenticated();
|
||||
// @formatter:on
|
||||
|
||||
if (isOAuth2Present && OAuth2ClasspathGuard.shouldConfigure(this.context)) {
|
||||
OAuth2ClasspathGuard.configure(this.context, http);
|
||||
} else {
|
||||
// @formatter:off
|
||||
http
|
||||
.httpBasic().and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
SecurityWebFilterChain result = http.build();
|
||||
|
@ -114,9 +118,11 @@ class WebFluxSecurityConfiguration {
|
|||
|
||||
private static class OAuth2ClasspathGuard {
|
||||
static void configure(ApplicationContext context, ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login().and()
|
||||
.oauth2Client();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
static boolean shouldConfigure(ApplicationContext context) {
|
||||
|
|
|
@ -1812,6 +1812,7 @@ public class ServerHttpSecurity {
|
|||
|
||||
private void registerDefaultCsrfOverride(ServerHttpSecurity http) {
|
||||
if ( http.csrf != null && !http.csrf.specifiedRequireCsrfProtectionMatcher ) {
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf()
|
||||
.requireCsrfProtectionMatcher(
|
||||
|
@ -1819,6 +1820,7 @@ public class ServerHttpSecurity {
|
|||
CsrfWebFilter.DEFAULT_CSRF_MATCHER,
|
||||
new NegatedServerWebExchangeMatcher(
|
||||
this.authenticationConverterServerWebExchangeMatcher)));
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1920,8 +1922,10 @@ public class ServerHttpSecurity {
|
|||
AuthenticationWebFilter oauth2 = new BearerTokenAuthenticationWebFilter(authenticationManager);
|
||||
oauth2.setServerAuthenticationConverter(bearerTokenConverter);
|
||||
oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected ReactiveJwtDecoder getJwtDecoder() {
|
||||
|
|
|
@ -45,22 +45,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Autowired
|
||||
private UserRepository myUserRepository;
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) {
|
||||
// @formatter:off
|
||||
auth
|
||||
.authenticationProvider(authenticationProvider());
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/*").permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
|
|
|
@ -96,9 +96,11 @@ public class Sec2758Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().access("hasAnyRole('CUSTOM')");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -35,10 +35,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
|
|||
@EnableWebSecurity
|
||||
static class AntMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.antMatchers("/demo/**").permitAll();
|
||||
// @formatter:on
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -51,10 +53,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
|
|||
@EnableWebSecurity
|
||||
static class MvcMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.mvcMatchers("/demo/**").permitAll();
|
||||
// @formatter:on
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -67,10 +71,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
|
|||
@EnableWebSecurity
|
||||
static class RegexMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.regexMatchers(".*").permitAll();
|
||||
// @formatter:on
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -83,10 +89,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
|
|||
@EnableWebSecurity
|
||||
static class AnyRequestAfterItselfConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.anyRequest().permitAll();
|
||||
// @formatter:on
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -99,10 +107,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
|
|||
@EnableWebSecurity
|
||||
static class RequestMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.requestMatchers(new AntPathRequestMatcher("/**")).permitAll();
|
||||
// @formatter:on
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -218,6 +218,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/signup", "/about").permitAll()
|
||||
|
@ -227,6 +228,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
.loginPage("/login")
|
||||
// set permitAll for all URLs associated with Form Login
|
||||
.permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -354,6 +356,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
@Order(1)
|
||||
public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/api/**")
|
||||
.authorizeRequests()
|
||||
|
@ -361,6 +364,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
.antMatchers("/api/**").hasRole("USER")
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -375,6 +379,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/signup", "/about").permitAll()
|
||||
|
@ -383,6 +388,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
|
|||
.formLogin()
|
||||
.loginPage("/login")
|
||||
.permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -68,8 +68,10 @@ public class HttpConfigurationTests {
|
|||
static class UnregisteredFilterConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilter(new UnregisteredFilter());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
@ -105,8 +107,10 @@ public class HttpConfigurationTests {
|
|||
static CasAuthenticationFilter CAS_AUTHENTICATION_FILTER;
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilter(CAS_AUTHENTICATION_FILTER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -124,6 +128,7 @@ public class HttpConfigurationTests {
|
|||
static class RequestMatcherRegistryConfigs extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.requestMatchers()
|
||||
.antMatchers("/api/**")
|
||||
|
@ -133,6 +138,7 @@ public class HttpConfigurationTests {
|
|||
.antMatchers("/**").hasRole("USER")
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -94,10 +94,12 @@ public class NamespaceHttpTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll()
|
||||
.accessDecisionManager(ACCESS_DECISION_MANAGER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -114,6 +116,7 @@ public class NamespaceHttpTests {
|
|||
static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin").hasRole("ADMIN")
|
||||
|
@ -121,6 +124,7 @@ public class NamespaceHttpTests {
|
|||
.and()
|
||||
.exceptionHandling()
|
||||
.accessDeniedPage("/AccessDeniedPage");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -145,11 +149,13 @@ public class NamespaceHttpTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -168,12 +174,14 @@ public class NamespaceHttpTests {
|
|||
static class CreateSessionAlwaysConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll()
|
||||
.and()
|
||||
.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -191,12 +199,14 @@ public class NamespaceHttpTests {
|
|||
static class CreateSessionStatelessConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll()
|
||||
.and()
|
||||
.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -220,6 +230,7 @@ public class NamespaceHttpTests {
|
|||
static class IfRequiredConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/unsecure").permitAll()
|
||||
|
@ -229,6 +240,7 @@ public class NamespaceHttpTests {
|
|||
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -246,12 +258,14 @@ public class NamespaceHttpTests {
|
|||
static class CreateSessionNeverConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().anonymous()
|
||||
.and()
|
||||
.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.NEVER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -268,6 +282,7 @@ public class NamespaceHttpTests {
|
|||
static class EntryPointRefConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -276,6 +291,7 @@ public class NamespaceHttpTests {
|
|||
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/entry-point"))
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -299,8 +315,10 @@ public class NamespaceHttpTests {
|
|||
static class JaasApiProvisionConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilter(new JaasApiIntegrationFilter());
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -317,12 +335,14 @@ public class NamespaceHttpTests {
|
|||
static class RealmConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic()
|
||||
.realmName("RealmConfig");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -341,8 +361,10 @@ public class NamespaceHttpTests {
|
|||
static class RequestMatcherAntConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/api/**");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -361,8 +383,10 @@ public class NamespaceHttpTests {
|
|||
static class RequestMatcherRegexConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.regexMatcher("/regex/.*");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -381,8 +405,10 @@ public class NamespaceHttpTests {
|
|||
static class RequestMatcherRefConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.requestMatcher(new MyRequestMatcher());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
static class MyRequestMatcher implements RequestMatcher {
|
||||
|
@ -439,6 +465,7 @@ public class NamespaceHttpTests {
|
|||
static class SecurityContextRepoConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -447,6 +474,7 @@ public class NamespaceHttpTests {
|
|||
.securityContextRepository(new NullSecurityContextRepository())
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -470,12 +498,14 @@ public class NamespaceHttpTests {
|
|||
static class ServletApiProvisionConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll()
|
||||
.and()
|
||||
.servletApi()
|
||||
.disable();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -492,9 +522,11 @@ public class NamespaceHttpTests {
|
|||
static class ServletApiProvisionDefaultsConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -525,11 +557,13 @@ public class NamespaceHttpTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/users**", "/sessions/**").hasRole("USER")
|
||||
.antMatchers("/signup").permitAll()
|
||||
.anyRequest().hasRole("USER");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -560,11 +594,13 @@ public class NamespaceHttpTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.apply(new UrlAuthorizationConfigurer<>(getApplicationContext())).getRegistry()
|
||||
.antMatchers("/users**", "/sessions/**").hasRole("USER")
|
||||
.antMatchers("/signup").hasRole("ANONYMOUS")
|
||||
.anyRequest().hasRole("USER");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -77,11 +77,13 @@ public class EnableWebSecurityTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/*").hasRole("USER")
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -127,10 +127,12 @@ public class WebSecurityConfigurationTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/role1/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("1");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -139,10 +141,12 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebConfigurer2 extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/role2/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("2");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -151,10 +155,12 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebConfigurer3 extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/role3/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("3");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -163,9 +169,11 @@ public class WebSecurityConfigurationTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("4");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -258,10 +266,12 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebConfigurer1 extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/role1/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("1");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -269,10 +279,12 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebConfigurer2 extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/role2/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("2");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -319,10 +331,12 @@ public class WebSecurityConfigurationTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.expressionHandler(EXPRESSION_HANDLER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -357,9 +371,11 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebSecurityExpressionHandlerDefaultsConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -436,9 +452,11 @@ public class WebSecurityConfigurationTests {
|
|||
static class WebInvocationPrivilegeEvaluatorDefaultsConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -475,9 +493,11 @@ public class WebSecurityConfigurationTests {
|
|||
static class DefaultExpressionHandlerSetsBeanResolverConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().access("request.method == 'GET' ? @b.grant() : @b.deny()");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@RestController
|
||||
|
@ -571,10 +591,12 @@ public class WebSecurityConfigurationTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/anonymous/**")
|
||||
.authorizeRequests()
|
||||
.anyRequest().anonymous();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -583,9 +605,11 @@ public class WebSecurityConfigurationTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -60,12 +60,14 @@ public class AnonymousConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.anonymous()
|
||||
.key("key")
|
||||
.principal("principal")
|
||||
.and()
|
||||
.anonymous();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -83,10 +83,12 @@ public class FormLoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.formLogin().and()
|
||||
.requestCache()
|
||||
.requestCache(this.requestCache);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -78,12 +78,14 @@ public class HttpSecurityAntMatchersTests {
|
|||
@Configuration
|
||||
static class AntMatchersNoPatternsConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.requestMatchers()
|
||||
.antMatchers(HttpMethod.POST)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -108,6 +110,7 @@ public class HttpSecurityAntMatchersTests {
|
|||
@Configuration
|
||||
static class AntMatchersEmptyPatternsConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.requestMatchers()
|
||||
.antMatchers("/never/")
|
||||
|
@ -115,6 +118,7 @@ public class HttpSecurityAntMatchersTests {
|
|||
.and()
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -85,10 +85,12 @@ public class HttpSecurityLogoutTests {
|
|||
@Configuration
|
||||
static class ClearAuthenticationFalseConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf().disable()
|
||||
.logout()
|
||||
.clearAuthentication(false);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -97,9 +97,11 @@ public class LogoutConfigurerClearSiteDataTests {
|
|||
static class HttpLogoutConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.logout()
|
||||
.addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE)));
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -95,11 +95,13 @@ public class NamespaceHttpBasicTests {
|
|||
@EnableWebSecurity
|
||||
static class HttpBasicConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -151,11 +153,13 @@ public class NamespaceHttpBasicTests {
|
|||
static class CustomHttpBasicConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.httpBasic().realmName("Custom Realm");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -207,9 +211,11 @@ public class NamespaceHttpBasicTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.httpBasic()
|
||||
.authenticationDetailsSource(this.authenticationDetailsSource);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -278,12 +284,14 @@ public class NamespaceHttpBasicTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.httpBasic()
|
||||
.authenticationEntryPoint(this.authenticationEntryPoint);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -67,9 +67,11 @@ public class NamespaceHttpCustomFilterTests {
|
|||
@EnableWebSecurity
|
||||
static class CustomFilterBeforeConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -82,9 +84,11 @@ public class NamespaceHttpCustomFilterTests {
|
|||
@EnableWebSecurity
|
||||
static class CustomFilterAfterConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilterAfter(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -102,10 +106,12 @@ public class NamespaceHttpCustomFilterTests {
|
|||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
// this works so long as the CustomFilter extends one of the standard filters
|
||||
// if not, use addFilterBefore or addFilterAfter
|
||||
.addFilter(new CustomFilter());
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -124,8 +130,10 @@ public class NamespaceHttpCustomFilterTests {
|
|||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.addFilterAt(new OtherCustomFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -147,11 +155,13 @@ public class NamespaceHttpCustomFilterTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -86,11 +86,12 @@ public class NamespaceHttpExpressionHandlerTests {
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
|
||||
handler.setExpressionParser(expressionParser());
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.expressionHandler(handler)
|
||||
.anyRequest().access("hasRole('USER')");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -90,11 +90,13 @@ public class NamespaceHttpFormLoginTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -120,6 +122,7 @@ public class NamespaceHttpFormLoginTests {
|
|||
static class FormLoginCustomConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
boolean alwaysUseDefaultSuccess = true;
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -131,6 +134,7 @@ public class NamespaceHttpFormLoginTests {
|
|||
.failureUrl("/authentication/login?failed") // form-login@authentication-failure-url
|
||||
.loginProcessingUrl("/authentication/login/process") // form-login@login-processing-url
|
||||
.defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // form-login@default-target-url / form-login@always-use-default-target
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -159,7 +163,7 @@ public class NamespaceHttpFormLoginTests {
|
|||
SavedRequestAwareAuthenticationSuccessHandler successHandler =
|
||||
new SavedRequestAwareAuthenticationSuccessHandler();
|
||||
successHandler.setDefaultTargetUrl("/custom/targetUrl");
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -170,6 +174,7 @@ public class NamespaceHttpFormLoginTests {
|
|||
.successHandler(successHandler) // form-login@authentication-success-handler-ref
|
||||
.authenticationDetailsSource(authenticationDetailsSource()) // form-login@authentication-details-source-ref
|
||||
.and();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -77,8 +77,10 @@ public class NamespaceHttpHeadersTests {
|
|||
static class HeadersDefaultConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -94,10 +96,12 @@ public class NamespaceHttpHeadersTests {
|
|||
static class HeadersCacheControlConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
.defaultsDisabled()
|
||||
.cacheControl();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -113,10 +117,12 @@ public class NamespaceHttpHeadersTests {
|
|||
static class HstsConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
.defaultsDisabled()
|
||||
.httpStrictTransportSecurity();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -132,6 +138,7 @@ public class NamespaceHttpHeadersTests {
|
|||
static class HstsCustomConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// hsts@request-matcher-ref, hsts@max-age-seconds, hsts@include-subdomains
|
||||
|
@ -140,6 +147,7 @@ public class NamespaceHttpHeadersTests {
|
|||
.requestMatcher(AnyRequestMatcher.INSTANCE)
|
||||
.maxAgeInSeconds(15768000)
|
||||
.includeSubDomains(false);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -155,12 +163,14 @@ public class NamespaceHttpHeadersTests {
|
|||
static class FrameOptionsSameOriginConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// frame-options@policy=SAMEORIGIN
|
||||
.defaultsDisabled()
|
||||
.frameOptions()
|
||||
.sameOrigin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -178,12 +188,14 @@ public class NamespaceHttpHeadersTests {
|
|||
static class FrameOptionsAllowFromConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// frame-options@ref
|
||||
.defaultsDisabled()
|
||||
.addHeaderWriter(new XFrameOptionsHeaderWriter(
|
||||
new StaticAllowFromStrategy(URI.create("https://example.com"))));
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -199,11 +211,13 @@ public class NamespaceHttpHeadersTests {
|
|||
static class XssProtectionConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// xss-protection
|
||||
.defaultsDisabled()
|
||||
.xssProtection();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -219,6 +233,7 @@ public class NamespaceHttpHeadersTests {
|
|||
static class XssProtectionCustomConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// xss-protection@enabled and xss-protection@block
|
||||
|
@ -226,6 +241,7 @@ public class NamespaceHttpHeadersTests {
|
|||
.xssProtection()
|
||||
.xssProtectionEnabled(true)
|
||||
.block(false);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -241,11 +257,13 @@ public class NamespaceHttpHeadersTests {
|
|||
static class ContentTypeOptionsConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
// content-type-options
|
||||
.defaultsDisabled()
|
||||
.contentTypeOptions();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -263,10 +281,12 @@ public class NamespaceHttpHeadersTests {
|
|||
static class HeaderRefConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.headers()
|
||||
.defaultsDisabled()
|
||||
.addHeaderWriter(new StaticHeadersWriter("customHeaderName", "customHeaderValue"));
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -120,6 +120,7 @@ public class NamespaceHttpInterceptUrlTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
// the line below is similar to intercept-url@pattern:
|
||||
|
@ -142,6 +143,7 @@ public class NamespaceHttpInterceptUrlTests {
|
|||
// the line below is similar to intercept-url@requires-channel="http":
|
||||
// <intercept-url pattern="/**" requires-channel="http"/>
|
||||
.anyRequest().requiresInsecure();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
|
|
@ -83,12 +83,14 @@ public class NamespaceHttpJeeTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("user")
|
||||
.and()
|
||||
.jee()
|
||||
.mappableRoles("user", "admin");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -120,6 +122,7 @@ public class NamespaceHttpJeeTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("user")
|
||||
|
@ -127,6 +130,7 @@ public class NamespaceHttpJeeTests {
|
|||
.jee()
|
||||
.mappableAuthorities("ROLE_user", "ROLE_admin")
|
||||
.authenticatedUserDetailsService(this.authenticationUserDetailsService);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -122,12 +122,14 @@ public class NamespaceHttpLogoutTests {
|
|||
static class CustomHttpLogoutConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.logout()
|
||||
.deleteCookies("remove") // logout@delete-cookies
|
||||
.invalidateHttpSession(false) // logout@invalidate-session=false (default is true)
|
||||
.logoutUrl("/custom-logout") // logout@logout-url (default is /logout)
|
||||
.logoutSuccessUrl("/logout-success"); // logout@success-url (default is /login?logout)
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -182,10 +184,11 @@ public class NamespaceHttpLogoutTests {
|
|||
SimpleUrlLogoutSuccessHandler logoutSuccessHandler =
|
||||
new SimpleUrlLogoutSuccessHandler();
|
||||
logoutSuccessHandler.setDefaultTargetUrl("/SuccessHandlerRefHttpLogoutConfig");
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.logout()
|
||||
.logoutSuccessHandler(logoutSuccessHandler);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -97,12 +97,14 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
static class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.openidLogin()
|
||||
.permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -159,6 +161,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -191,6 +194,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
.and()
|
||||
.and()
|
||||
.permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -209,6 +213,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
boolean alwaysUseDefaultSuccess = true;
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -219,6 +224,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
.failureUrl("/authentication/login?failed") // openid-login@authentication-failure-url
|
||||
.loginProcessingUrl("/authentication/login/process") // openid-login@login-processing-url
|
||||
.defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // openid-login@default-target-url / openid-login@always-use-default-target
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -267,7 +273,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
SavedRequestAwareAuthenticationSuccessHandler handler =
|
||||
new SavedRequestAwareAuthenticationSuccessHandler();
|
||||
handler.setDefaultTargetUrl("/custom/targetUrl");
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -285,7 +291,7 @@ public class NamespaceHttpOpenIDLoginTests {
|
|||
return filter;
|
||||
}
|
||||
});
|
||||
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -64,6 +64,7 @@ public class NamespaceHttpPortMappingsTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
|
@ -74,6 +75,7 @@ public class NamespaceHttpPortMappingsTests {
|
|||
.requiresChannel()
|
||||
.antMatchers("/login", "/secured/**").requiresSecure()
|
||||
.anyRequest().requiresInsecure();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
|
|
@ -67,12 +67,14 @@ public class NamespaceHttpRequestCacheTests {
|
|||
@EnableWebSecurity
|
||||
static class RequestCacheRefConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.requestCache()
|
||||
.requestCache(requestCache());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
@ -104,9 +106,11 @@ public class NamespaceHttpRequestCacheTests {
|
|||
@EnableWebSecurity
|
||||
static class DefaultRequestCacheRefConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
|
|
@ -70,12 +70,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests {
|
|||
@EnableWebSecurity
|
||||
static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll()
|
||||
.and()
|
||||
.exceptionHandling()
|
||||
.accessDeniedPage("/AccessDeniedPageConfig");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -121,12 +123,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests {
|
|||
@EnableWebSecurity
|
||||
static class AccessDeniedHandlerRefConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll()
|
||||
.and()
|
||||
.exceptionHandling()
|
||||
.accessDeniedHandler(accessDeniedHandler());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -88,11 +88,13 @@ public class NamespaceHttpX509Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -119,12 +121,14 @@ public class NamespaceHttpX509Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509()
|
||||
.authenticationDetailsSource(authenticationDetailsSource());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -155,12 +159,14 @@ public class NamespaceHttpX509Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509()
|
||||
.subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)");
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -184,12 +190,14 @@ public class NamespaceHttpX509Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509()
|
||||
.x509PrincipalExtractor(this::extractCommonName);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
private String extractCommonName(X509Certificate certificate) {
|
||||
|
@ -221,12 +229,14 @@ public class NamespaceHttpX509Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509()
|
||||
.userDetailsService(username -> USER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -248,12 +258,14 @@ public class NamespaceHttpX509Tests {
|
|||
}
|
||||
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.x509()
|
||||
.authenticationUserDetailsService(authentication -> USER);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -174,6 +174,7 @@ public class NamespaceSessionManagementTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -187,6 +188,7 @@ public class NamespaceSessionManagementTests {
|
|||
.maxSessionsPreventsLogin(true) // session-management/concurrency-control@error-if-maximum-exceeded
|
||||
.expiredUrl("/expired-session") // session-management/concurrency-control@expired-url
|
||||
.sessionRegistry(sessionRegistry()); // session-management/concurrency-control@session-registry-ref
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -219,9 +221,11 @@ public class NamespaceSessionManagementTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.invalidSessionStrategy(invalidSessionStrategy());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -250,11 +254,13 @@ public class NamespaceSessionManagementTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.sessionAuthenticationStrategy(sessionAuthenticationStrategy()) // session-management@session-authentication-strategy-ref
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -283,11 +289,13 @@ public class NamespaceSessionManagementTests {
|
|||
static class SFPNoneSessionManagementConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy())
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -314,10 +322,12 @@ public class NamespaceSessionManagementTests {
|
|||
static class SFPMigrateSessionManagementConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -338,10 +348,12 @@ public class NamespaceSessionManagementTests {
|
|||
static class SFPPostProcessedConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -373,11 +385,13 @@ public class NamespaceSessionManagementTests {
|
|||
static class SFPNewSessionSessionManagementConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.sessionFixation().newSession()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -63,6 +63,7 @@ public class PermitAllSupportTests {
|
|||
static class PermitAllConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -70,6 +71,7 @@ public class PermitAllSupportTests {
|
|||
.formLogin()
|
||||
.loginPage("/xyz").permitAll()
|
||||
.loginProcessingUrl("/abc?def").permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -85,9 +87,11 @@ public class PermitAllSupportTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.formLogin()
|
||||
.permitAll();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -54,6 +54,7 @@ public class PortMapperConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.requiresChannel()
|
||||
.anyRequest().requiresSecure()
|
||||
|
@ -62,6 +63,7 @@ public class PortMapperConfigurerTests {
|
|||
.http(543).mapsTo(123)
|
||||
.and()
|
||||
.portMapper();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -260,11 +260,13 @@ public class RequestCacheConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -103,15 +103,15 @@ public class SessionManagementConfigurerServlet31Tests {
|
|||
@EnableWebSecurity
|
||||
static class SessionManagementDefaultSessionFixationServlet31Config extends
|
||||
WebSecurityConfigurerAdapter {
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.formLogin()
|
||||
.and()
|
||||
.sessionManagement();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
|
|
|
@ -60,16 +60,16 @@ public class SessionManagementConfigurerSessionAuthenticationStrategyTests {
|
|||
static class CustomSessionAuthenticationStrategyConfig extends WebSecurityConfigurerAdapter {
|
||||
static SessionAuthenticationStrategy customSessionAuthenticationStrategy = mock(SessionAuthenticationStrategy.class);
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.formLogin()
|
||||
.and()
|
||||
.sessionManagement()
|
||||
.sessionAuthenticationStrategy(customSessionAuthenticationStrategy);
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
|
|
|
@ -80,8 +80,10 @@ public class SessionManagementConfigurerSessionCreationPolicyTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
// @formatter:on
|
||||
|
||||
http.setSharedObject(SessionCreationPolicy.class, SessionCreationPolicy.ALWAYS);
|
||||
}
|
||||
|
|
|
@ -70,9 +70,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf().disable();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -86,8 +87,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests {
|
|||
static class AlwaysCreateSessionConfig extends WithTransientAuthenticationConfig {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -268,6 +268,7 @@ public class OAuth2ClientConfigurerTests {
|
|||
static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -279,6 +280,7 @@ public class OAuth2ClientConfigurerTests {
|
|||
.authorizationCodeGrant()
|
||||
.authorizationRequestResolver(authorizationRequestResolver)
|
||||
.accessTokenResponseClient(accessTokenResponseClient);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -617,10 +617,12 @@ public class OAuth2LoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(
|
||||
new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION));
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
|
||||
|
@ -658,12 +660,14 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigCustomWithConfigurer extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(
|
||||
new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
|
||||
.userInfoEndpoint()
|
||||
.userAuthoritiesMapper(createGrantedAuthoritiesMapper());
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -672,8 +676,10 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigCustomWithBeanRegistration extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login();
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
|
||||
|
@ -692,6 +698,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigCustomUserServiceBeanRegistration extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -702,6 +709,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
.oauth2Login()
|
||||
.tokenEndpoint()
|
||||
.accessTokenResponseClient(createOauth2AccessTokenResponseClient());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -739,11 +747,13 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigLoginProcessingUrl extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(
|
||||
new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
|
||||
.loginProcessingUrl("/login/oauth2/*");
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -757,11 +767,13 @@ public class OAuth2LoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(this.clientRegistrationRepository)
|
||||
.authorizationEndpoint()
|
||||
.authorizationRequestResolver(this.resolver);
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -775,6 +787,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login(oauth2Login ->
|
||||
oauth2Login
|
||||
|
@ -784,6 +797,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
.authorizationRequestResolver(this.resolver)
|
||||
)
|
||||
);
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -792,11 +806,13 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigMultipleClients extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(
|
||||
new InMemoryClientRegistrationRepository(
|
||||
GOOGLE_CLIENT_REGISTRATION, GITHUB_CLIENT_REGISTRATION));
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -805,11 +821,13 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigCustomLoginPage extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Login()
|
||||
.clientRegistrationRepository(
|
||||
new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
|
||||
.loginPage("/custom-login");
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
}
|
||||
|
@ -835,9 +853,11 @@ public class OAuth2LoginConfigurerTests {
|
|||
static class OAuth2LoginConfigWithOidcLogoutSuccessHandler extends CommonWebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.logout()
|
||||
.logoutSuccessHandler(oidcLogoutSuccessHandler());
|
||||
// @formatter:on
|
||||
super.configure(http);
|
||||
}
|
||||
|
||||
|
@ -859,6 +879,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
private static abstract class CommonWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -873,6 +894,7 @@ public class OAuth2LoginConfigurerTests {
|
|||
.userInfoEndpoint()
|
||||
.userService(createOauth2UserService())
|
||||
.oidcUserService(createOidcUserService());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -1761,7 +1761,6 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -1769,7 +1768,6 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
.oauth2ResourceServer()
|
||||
.jwt()
|
||||
.jwtAuthenticationConverter(getJwtAuthenticationConverter());
|
||||
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
|
@ -1783,7 +1781,6 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/requires-read-scope").access("hasAuthority('message:read')")
|
||||
|
@ -1791,7 +1788,6 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
.oauth2ResourceServer()
|
||||
.jwt()
|
||||
.jwtAuthenticationConverter(getJwtAuthenticationConverter());
|
||||
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
|
@ -2255,6 +2251,7 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
.jwt()
|
||||
.and()
|
||||
.opaqueToken();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2306,6 +2303,7 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
.oauth2ResourceServer()
|
||||
.authenticationManagerResolver(mock(AuthenticationManagerResolver.class))
|
||||
.opaqueToken();
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -300,11 +300,13 @@ public class Saml2LoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests(authz -> authz
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(withDefaults());
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -319,11 +321,13 @@ public class Saml2LoginConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests(authz -> authz
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(saml2 -> {});
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -165,9 +165,11 @@ public class GrantedAuthorityDefaultsJcTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().access("hasRole('USER')");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -42,17 +42,19 @@ public class CustomConfigurer extends SecurityConfigurerAdapter<DefaultSecurityF
|
|||
// autowire this bean
|
||||
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers(permitAllPattern).permitAll()
|
||||
.anyRequest().authenticated();
|
||||
|
||||
// @formatter:on
|
||||
if (http.getConfigurer(FormLoginConfigurer.class) == null) {
|
||||
// only apply if formLogin() was not invoked by the user
|
||||
// @formatter:off
|
||||
http
|
||||
.formLogin()
|
||||
.loginPage(loginPage);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -120,9 +120,11 @@ public class CustomHttpSecurityConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.apply(customConfigurer())
|
||||
.loginPage("/custom");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -142,12 +144,14 @@ public class CustomHttpSecurityConfigurerTests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.apply(customConfigurer())
|
||||
.and()
|
||||
.csrf().disable()
|
||||
.formLogin()
|
||||
.loginPage("/other");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -117,8 +117,10 @@ public class OAuth2ClientSpecTests {
|
|||
static class Config {
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Client();
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -208,6 +210,7 @@ public class OAuth2ClientSpecTests {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Client()
|
||||
.authenticationConverter(this.authenticationConverter)
|
||||
|
@ -215,6 +218,7 @@ public class OAuth2ClientSpecTests {
|
|||
.authorizationRequestRepository(this.authorizationRequestRepository)
|
||||
.and()
|
||||
.requestCache(c -> c.requestCache(this.requestCache));
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -274,6 +278,7 @@ public class OAuth2ClientSpecTests {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.oauth2Client(oauth2Client ->
|
||||
oauth2Client
|
||||
|
@ -281,6 +286,7 @@ public class OAuth2ClientSpecTests {
|
|||
.authenticationManager(this.manager)
|
||||
.authorizationRequestRepository(this.authorizationRequestRepository))
|
||||
.requestCache(c -> c.requestCache(this.requestCache));
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -253,12 +253,14 @@ public class OAuth2LoginTests {
|
|||
|
||||
@Bean
|
||||
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.requestCache()
|
||||
.requestCache(this.requestCache)
|
||||
.and()
|
||||
.oauth2Login()
|
||||
.authorizationRequestRepository(this.authorizationRequestRepository);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -395,6 +397,7 @@ public class OAuth2LoginTests {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeExchange()
|
||||
.anyExchange().authenticated()
|
||||
|
@ -406,6 +409,7 @@ public class OAuth2LoginTests {
|
|||
.authorizationRequestResolver(resolver)
|
||||
.authenticationSuccessHandler(successHandler)
|
||||
.authenticationFailureHandler(failureHandler);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -474,6 +478,7 @@ public class OAuth2LoginTests {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeExchange(exchanges ->
|
||||
exchanges
|
||||
|
@ -487,6 +492,7 @@ public class OAuth2LoginTests {
|
|||
.authorizationRequestResolver(resolver)
|
||||
.authenticationSuccessHandler(successHandler)
|
||||
);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -715,7 +721,7 @@ public class OAuth2LoginTests {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf().disable()
|
||||
.logout()
|
||||
|
@ -726,7 +732,7 @@ public class OAuth2LoginTests {
|
|||
new InMemoryReactiveClientRegistrationRepository(this.withLogout)))
|
||||
.and()
|
||||
.securityContextRepository(this.repository);
|
||||
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -486,8 +486,6 @@ public class OAuth2ResourceServerSpecTests {
|
|||
.jwt()
|
||||
.publicKey(publicKey());
|
||||
// @formatter:on
|
||||
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -511,7 +509,6 @@ public class OAuth2ResourceServerSpecTests {
|
|||
)
|
||||
);
|
||||
// @formatter:on
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -533,8 +530,6 @@ public class OAuth2ResourceServerSpecTests {
|
|||
.jwt()
|
||||
.publicKey(this.key);
|
||||
// @formatter:on
|
||||
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
@ -877,6 +872,7 @@ public class OAuth2ResourceServerSpecTests {
|
|||
.oauth2ResourceServer()
|
||||
.authenticationManagerResolver(mock(ReactiveAuthenticationManagerResolver.class))
|
||||
.opaqueToken();
|
||||
// @formatter:on
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
|
|
@ -148,12 +148,14 @@ public class Sec2935Tests {
|
|||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Autowired
|
||||
|
|
|
@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -165,11 +165,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests {
|
|||
static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests(authz -> authz
|
||||
.anyRequest().permitAll()
|
||||
)
|
||||
.oauth2Client();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -167,11 +167,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests {
|
|||
static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
|
||||
.anyRequest().hasAuthority("SCOPE_read")
|
||||
).oauth2Login();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -173,12 +173,14 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
|
|||
static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
|
||||
.anyRequest().hasAuthority("SCOPE_read")
|
||||
.and()
|
||||
.oauth2Login();
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -130,6 +130,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
|
|||
static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
|
||||
|
@ -138,6 +139,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
|
|||
.oauth2ResourceServer()
|
||||
.opaqueToken()
|
||||
.introspector(mock(OpaqueTokenIntrospector.class));
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@RestController
|
||||
|
|
|
@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTes
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
super.configure(http);
|
||||
|
||||
// @formatter:off
|
||||
http
|
||||
.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -74,14 +74,14 @@ public class CustomCsrfShowcaseTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf()
|
||||
.csrfTokenRepository(repo());
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -91,9 +91,9 @@ public class CustomConfigAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -105,8 +105,8 @@ public class CustomConfigAuthenticationTests {
|
|||
.usernameParameter("user")
|
||||
.passwordParameter("pass")
|
||||
.loginPage("/authenticate");
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Bean
|
||||
|
|
|
@ -81,9 +81,9 @@ public class CustomLoginRequestBuilderAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
|
@ -92,8 +92,8 @@ public class CustomLoginRequestBuilderAuthenticationTests {
|
|||
.usernameParameter("user")
|
||||
.passwordParameter("pass")
|
||||
.loginPage("/authenticate");
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Bean
|
||||
|
|
|
@ -85,17 +85,17 @@ public class DefaultfSecurityRequestsTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -103,17 +103,17 @@ public class SecurityRequestsTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -87,17 +87,17 @@ public class WithUserAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -87,17 +87,17 @@ public class WithUserClassLevelAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Autowired
|
||||
|
|
|
@ -79,17 +79,17 @@ public class WithUserDetailsAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
|
|
|
@ -79,17 +79,17 @@ public class WithUserDetailsClassLevelAuthenticationTests {
|
|||
@EnableWebMvc
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/admin/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin();
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
|
|
|
@ -189,29 +189,29 @@ public class WebTestUtilsTests {
|
|||
static CsrfTokenRepository CSRF_REPO;
|
||||
static SecurityContextRepository CONTEXT_REPO;
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.csrf()
|
||||
.csrfTokenRepository(CSRF_REPO)
|
||||
.and()
|
||||
.securityContext()
|
||||
.securityContextRepository(CONTEXT_REPO);
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class PartialSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
public void configure(HttpSecurity http) {
|
||||
// @formatter:off
|
||||
http
|
||||
.antMatcher("/willnotmatchthis");
|
||||
// @formatter:on
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Configuration
|
||||
|
|
Loading…
Reference in New Issue