· 9 years ago · Nov 17, 2016, 11:30 AM
1@Override
2 protected void configure(HttpSecurity http) throws Exception {
3 http
4 .authorizeRequests()
5 .antMatchers("/admin/**").access("hasRole('ADMINISTRATOR')")
6 .antMatchers("/1/admin/**").access("hasRole('ADMINISTRATOR')")
7 .antMatchers("/profile**").authenticated()
8 .antMatchers("/oauth/authorize").authenticated()
9
10 .and()
11 .formLogin()
12 .loginPage("/login")
13 .failureUrl("/login?error=1")
14 .loginProcessingUrl("/login-attempt")
15 .defaultSuccessUrl("/", false)
16
17 .and()
18 .csrf();
19 }
20
21@Override
22 public void configure(HttpSecurity http) throws Exception {
23 http
24 .authorizeRequests()
25 .regexMatchers("/api/v0/.*").authenticated();
26
27 }
28
29AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/html/**'
30AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/webapi/**'
31OrRequestMatcher:65 - Trying to match using Ant [pattern='/oauth/token']
32AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/oauth/token'
33OrRequestMatcher:65 - Trying to match using Ant [pattern='/oauth/token_key']
34AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/oauth/token_key'
35OrRequestMatcher:65 - Trying to match using Ant [pattern='/oauth/check_token']
36AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/oauth/check_token'
37OrRequestMatcher:72 - No matches found
38FilterChainProxy:324 - /login-attempt at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
39FilterChainProxy:324 - /login-attempt at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
40FilterChainProxy:324 - /login-attempt at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
41HstsHeaderWriter:128 - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@2fa4c8cd
42FilterChainProxy:324 - /login-attempt at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
43AntPathRequestMatcher:151 - Checking match of request : '/login-attempt'; against '/logout'
44FilterChainProxy:324 - /login-attempt at position 5 of 11 in additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter'
45BearerTokenExtractor:54 - Token not found in headers. Trying request parameters.
46BearerTokenExtractor:57 - Token not found in request parameters. Not an OAuth2 request.
47OAuth2AuthenticationProcessingFilter:141 - No token in request, will continue chain.
48FilterChainProxy:324 - /login-attempt at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
49FilterChainProxy:324 - /login-attempt at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
50FilterChainProxy:324 - /login-attempt at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
51AnonymousAuthenticationFilter:100 - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 127.0.0.1;SessionId:672t27n01ruouli4a041a0xq;Granted Authorities: ROLE_ANONYMOUS'
52FilterChainProxy:324 - /login-attempt at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
53FilterChainProxy:324 - /login-attempt at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
54FilterChainProxy:324 - /login-attempt at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
55RegexRequestMatcher:106 - Checking match of request : '/login-attempt'; against '/api/v0/.*'
56FilterSecurityInterceptor:209 - Public object - authentication not attempted
57FilterChainProxy:309 - /login-attempt reached end of additional filter chain; proceeding with original chain