Josh Cummings
parent
f4ddb4e3f4
commit
b60020a40c
|
|
@ -32,7 +32,7 @@ The explicit configuration looks like:
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
// ...
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
);
|
||||
}
|
||||
|
|
@ -71,7 +71,7 @@ We can configure Spring Security to have different rules by adding more rules in
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
// ...
|
||||
.authorizeRequests(authorize -> authorize // <1>
|
||||
.authorizeHttpRequests(authorize -> authorize // <1>
|
||||
.mvcMatchers("/resources/**", "/signup", "/about").permitAll() // <2>
|
||||
.mvcMatchers("/admin/**").hasRole("ADMIN") // <3>
|
||||
.mvcMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')") // <4>
|
||||
|
|
|
|||
|
|
@ -144,7 +144,7 @@ You could refer to the method using:
|
|||
[source,java,role="primary"]
|
||||
----
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.antMatchers("/user/**").access("@webSecurity.check(authentication,request)")
|
||||
...
|
||||
)
|
||||
|
|
@ -210,7 +210,7 @@ You could refer to the method using:
|
|||
[source,java,role="primary",attrs="-attributes"]
|
||||
----
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.antMatchers("/user/{userId}/**").access("@webSecurity.checkUserId(authentication,#userId)")
|
||||
...
|
||||
);
|
||||
|
|
|
|||
|
|
@ -193,7 +193,7 @@ public class MultiHttpSecurityConfig {
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.antMatcher("/api/**") <3>
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().hasRole("ADMIN")
|
||||
)
|
||||
.httpBasic(withDefaults());
|
||||
|
|
@ -206,7 +206,7 @@ public class MultiHttpSecurityConfig {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults());
|
||||
|
|
|
|||
|
|
@ -138,7 +138,7 @@ If we wanted to restrict access to this controller method to admin users, a deve
|
|||
----
|
||||
protected configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.antMatchers("/admin").hasRole("ADMIN")
|
||||
);
|
||||
}
|
||||
|
|
@ -183,7 +183,7 @@ The following configuration will protect the same URLs that Spring MVC will matc
|
|||
----
|
||||
protected configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/admin").hasRole("ADMIN")
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -456,7 +456,7 @@ public class WebSecurityConfig
|
|||
.sameOrigin()
|
||||
)
|
||||
)
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
...
|
||||
)
|
||||
...
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(oauth2 -> oauth2
|
||||
|
|
|
|||
|
|
@ -872,7 +872,7 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(withDefaults())
|
||||
|
|
|
|||
|
|
@ -321,7 +321,7 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(withDefaults());
|
||||
|
|
@ -367,7 +367,7 @@ public class OAuth2LoginConfig {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(withDefaults());
|
||||
|
|
@ -462,7 +462,7 @@ public class OAuth2LoginConfig {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(withDefaults());
|
||||
|
|
|
|||
|
|
@ -146,7 +146,7 @@ The first is a `WebSecurityConfigurerAdapter` that configures the app as a resou
|
|||
----
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
|
|
@ -182,7 +182,7 @@ Replacing this is as simple as exposing the bean within the application:
|
|||
public class MyCustomSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
|
@ -299,7 +299,7 @@ An authorization server's JWK Set Uri can be configured <<oauth2resourceserver-j
|
|||
public class DirectlyConfiguredJwkSetUri extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -359,7 +359,7 @@ More powerful than `jwkSetUri()` is `decoder()`, which will completely replace a
|
|||
public class DirectlyConfiguredJwtDecoder extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -719,7 +719,7 @@ This means that to protect an endpoint or method with a scope derived from a JWT
|
|||
public class DirectlyConfiguredJwkSetUri extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
||||
.anyRequest().authenticated()
|
||||
|
|
@ -926,7 +926,7 @@ static class CustomAuthenticationConverter implements Converter<Jwt, AbstractAut
|
|||
public class CustomAuthenticationConverterConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ And then specify this `AuthenticationManagerResolver` in the DSL:
|
|||
[source,java,role="primary"]
|
||||
----
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -109,7 +109,7 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = new JwtIs
|
|||
("https://idp.example.org/issuerOne", "https://idp.example.org/issuerTwo");
|
||||
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -176,7 +176,7 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver =
|
|||
new JwtIssuerAuthenticationManagerResolver(authenticationManagers::get);
|
||||
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@ When use Opaque Token, this `WebSecurityConfigurerAdapter` looks like:
|
|||
----
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
|
||||
|
|
@ -224,7 +224,7 @@ Replacing this is as simple as exposing the bean within the application:
|
|||
public class MyCustomSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
|
@ -338,7 +338,7 @@ An authorization server's Introspection Uri can be configured <<oauth2resourcese
|
|||
public class DirectlyConfiguredIntrospectionUri extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -400,7 +400,7 @@ More powerful than `introspectionUri()` is `introspector()`, which will complete
|
|||
public class DirectlyConfiguredIntrospector extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2 -> oauth2
|
||||
|
|
@ -479,7 +479,7 @@ This means that to protect an endpoint or method with a scope derived from an Op
|
|||
public class MappedAuthorities extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorizeRequests -> authorizeRequests
|
||||
.authorizeHttpRequests(authorizeRequests -> authorizeRequests
|
||||
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
|
||||
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
|
||||
.anyRequest().authenticated()
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
);
|
||||
|
||||
http
|
||||
.authorizeRequests(authz -> authz
|
||||
.authorizeHttpRequests(authz -> authz
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(saml2 -> saml2
|
||||
|
|
@ -106,7 +106,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
});
|
||||
|
||||
http
|
||||
.authorizeRequests(authz -> authz
|
||||
.authorizeHttpRequests(authz -> authz
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(saml2 -> saml2
|
||||
|
|
@ -310,7 +310,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
AuthenticationManager authenticationManager = new MySaml2AuthenticationManager(...);
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(saml2 -> saml2
|
||||
|
|
|
|||
|
|
@ -289,7 +289,7 @@ When including `spring-security-saml2-service-provider`, the `WebSecurityConfigu
|
|||
----
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(withDefaults());
|
||||
|
|
@ -323,7 +323,7 @@ You can replace this by exposing the bean within the application:
|
|||
public class MyCustomSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
|
@ -471,7 +471,7 @@ Alternatively, you can directly wire up the repository using the DSL, which will
|
|||
public class MyCustomSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) {
|
||||
http
|
||||
.authorizeRequests(authorize -> authorize
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ RelyingPartyRegistrationRepository registrations() {
|
|||
@Bean
|
||||
SecurityFilterChain web(HttpSecurity http, RelyingPartyRegistrationRepository registrations) throws Exception {
|
||||
http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.saml2Login(withDefaults())
|
||||
|
|
|
|||
Loading…
Reference in New Issue