Marcus Da Coregio
parent
475b3bb6bb
commit
ace8caa182
|
|
@ -67,9 +67,9 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
// ...
|
// ...
|
||||||
.authorizeHttpRequests(authorize -> authorize // <1>
|
.authorizeHttpRequests(authorize -> authorize // <1>
|
||||||
.mvcMatchers("/resources/**", "/signup", "/about").permitAll() // <2>
|
.requestMatchers("/resources/**", "/signup", "/about").permitAll() // <2>
|
||||||
.mvcMatchers("/admin/**").hasRole("ADMIN") // <3>
|
.requestMatchers("/admin/**").hasRole("ADMIN") // <3>
|
||||||
.mvcMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')")) // <4>
|
.requestMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')")) // <4>
|
||||||
.anyRequest().denyAll() // <5>
|
.anyRequest().denyAll() // <5>
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
@ -142,7 +142,7 @@ Here is an example of mapping a custom authorization manager to the `my/authoriz
|
||||||
SecurityFilterChain web(HttpSecurity http) throws Exception {
|
SecurityFilterChain web(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests((authorize) -> authorize
|
.authorizeHttpRequests((authorize) -> authorize
|
||||||
.mvcMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager());
|
.requestMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager());
|
||||||
)
|
)
|
||||||
// ...
|
// ...
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -188,7 +188,7 @@ public class MyCustomSecurityConfiguration {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
.requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.oauth2ResourceServer(oauth2 -> oauth2
|
.oauth2ResourceServer(oauth2 -> oauth2
|
||||||
|
|
@ -737,8 +737,8 @@ public class DirectlyConfiguredJwkSetUri {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
.requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
||||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
.requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||||
|
|
|
||||||
|
|
@ -231,7 +231,7 @@ public class MyCustomSecurityConfiguration {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
.requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.oauth2ResourceServer(oauth2 -> oauth2
|
.oauth2ResourceServer(oauth2 -> oauth2
|
||||||
|
|
@ -513,8 +513,8 @@ public class MappedAuthorities {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorizeRequests -> authorizeRequests
|
.authorizeHttpRequests(authorizeRequests -> authorizeRequests
|
||||||
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
.requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
||||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
.requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
|
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
|
||||||
|
|
|
||||||
|
|
@ -329,7 +329,7 @@ public class MyCustomSecurityConfiguration {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
|
.requestMatchers("/messages/**").hasAuthority("ROLE_USER")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.saml2Login(withDefaults());
|
.saml2Login(withDefaults());
|
||||||
|
|
@ -481,7 +481,7 @@ public class MyCustomSecurityConfiguration {
|
||||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
|
.requestMatchers("/messages/**").hasAuthority("ROLE_USER")
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
)
|
)
|
||||||
.saml2Login(saml2 -> saml2
|
.saml2Login(saml2 -> saml2
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue