/**
 * Registers {@code OneTimeETagGenerationFilter} for the back-office pages and for the static
 * front-end assets (HTML, scripts, styles, fonts, component bundles and images).
 *
 * @return the registration binding the filter to the listed URL patterns
 */
@Bean
public FilterRegistrationBean shallowEtagHeaderFilter() {
    FilterRegistrationBean etagRegistration = new FilterRegistrationBean();
    etagRegistration.setFilter(new OneTimeETagGenerationFilter());
    // Back-office pages first, then extension-based and directory-based asset patterns.
    etagRegistration.addUrlPatterns("/backoffice/*");
    etagRegistration.addUrlPatterns("*.html", "*.js", "*.css");
    etagRegistration.addUrlPatterns("/fonts/*", "/bower_components/*", "/components/*", "/img/*");
    return etagRegistration;
}
/**
 * Registers a {@link CorsFilter} with the highest filter precedence and one CORS policy for
 * all paths: any origin, any request header, any method, credentials allowed.
 *
 * <p>NOTE(review): a wildcard origin together with {@code setAllowCredentials(true)} is unsafe.
 * Spring Framework releases before 5.3 answer by echoing the caller's {@code Origin}, so any
 * website can make cookie-authenticated cross-origin calls; 5.3 and later reject the
 * combination with an {@code IllegalArgumentException}. Replace the wildcard with the explicit
 * list of trusted origins, or turn credentials off.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
FilterRegistrationBean corsFilter() {
    CorsConfiguration openPolicy = new CorsConfiguration();
    openPolicy.addAllowedOrigin("*");
    openPolicy.addAllowedHeader("*");
    openPolicy.addAllowedMethod("*");
    openPolicy.setAllowCredentials(true);

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", openPolicy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    // Sort the CORS filter to the front of the filter ordering.
    registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registration;
}
/**
 * Registers a {@link CorsFilter} at order 0 with one policy for all paths: any origin, any
 * request header, the seven HTTP methods listed below, credentials allowed.
 *
 * <p>NOTE(review): {@code addAllowedOrigin("*")} combined with {@code setAllowCredentials(true)}
 * lets every origin send credentialed requests on Spring Framework versions that accept the
 * pair (before 5.3 the request origin is echoed back); 5.3+ throws
 * {@code IllegalArgumentException} for it. List the trusted origins explicitly instead.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilter() {
    CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowCredentials(true);
    policy.addAllowedOrigin("*");
    policy.addAllowedHeader("*");
    // Methods are added one by one, in the same order the policy lists them.
    policy.addAllowedMethod("OPTIONS");
    policy.addAllowedMethod("HEAD");
    policy.addAllowedMethod("GET");
    policy.addAllowedMethod("PUT");
    policy.addAllowedMethod("POST");
    policy.addAllowedMethod("DELETE");
    policy.addAllowedMethod("PATCH");

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    final FilterRegistrationBean registration =
            new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(0);
    return registration;
}
/**
 * Builds the CAS CORS filter from the {@code casProperties.getHttpWebRequest().getCors()}
 * settings and applies it to every path. The bean is created only when
 * {@code cas.httpWebRequest.cors.enabled} is {@code true}.
 *
 * <p>NOTE(review): allow-credentials is taken from {@code cors.isEnabled()} rather than from a
 * dedicated setting. If that flag is the same property that gates this bean, credentials are
 * always allowed whenever CORS is on, so a wildcard entry in the configured origins would
 * expose credentialed requests to any site. Confirm this coupling is intended.
 *
 * @return the registration wrapping the configured CORS filter
 */
@ConditionalOnProperty(prefix = "cas.httpWebRequest.cors", name = "enabled", havingValue = "true")
@Bean
@RefreshScope
public FilterRegistrationBean casCorsFilter() {
    final HttpWebRequestProperties.Cors corsSettings = casProperties.getHttpWebRequest().getCors();

    final CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowCredentials(corsSettings.isEnabled());
    policy.setAllowedOrigins(corsSettings.getAllowOrigins());
    policy.setAllowedMethods(corsSettings.getAllowMethods());
    policy.setAllowedHeaders(corsSettings.getAllowHeaders());
    policy.setMaxAge(corsSettings.getMaxAge());
    policy.setExposedHeaders(corsSettings.getExposedHeaders());

    final UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    final FilterRegistrationBean registration =
            new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(0);
    registration.setAsyncSupported(true);
    registration.setName("casCorsFilter");
    return registration;
}
/**
 * Registers {@code ResponseHeadersEnforcementFilter} on every request, switching each response
 * header feature on or off from the {@code casProperties.getHttpWebRequest().getHeader()} flags.
 *
 * <p>Each flag is passed to the filter as a {@code "true"}/{@code "false"} init parameter:
 * cache control, X-Content-Type-Options, Strict-Transport-Security, X-Frame-Options and
 * XSS protection.
 *
 * @return the registration for the response-header filter
 */
@RefreshScope
@Bean
public FilterRegistrationBean responseHeadersSecurityFilter() {
    final HttpWebRequestProperties.Header headerFlags = casProperties.getHttpWebRequest().getHeader();

    final Map<String, String> switches = new HashMap<>();
    switches.put("enableCacheControl", BooleanUtils.toStringTrueFalse(headerFlags.isCache()));
    switches.put("enableXContentTypeOptions", BooleanUtils.toStringTrueFalse(headerFlags.isXcontent()));
    switches.put("enableStrictTransportSecurity", BooleanUtils.toStringTrueFalse(headerFlags.isHsts()));
    switches.put("enableXFrameOptions", BooleanUtils.toStringTrueFalse(headerFlags.isXframe()));
    switches.put("enableXSSProtection", BooleanUtils.toStringTrueFalse(headerFlags.isXss()));

    final FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setName("responseHeadersSecurityFilter");
    registration.setFilter(new ResponseHeadersEnforcementFilter());
    registration.setInitParameters(switches);
    registration.addUrlPatterns("/*");
    registration.setAsyncSupported(true);
    return registration;
}
/**
 * Registers {@code RequestParameterPolicyEnforcementFilter} on every request, configured from
 * {@code casProperties.getHttpWebRequest()}: which parameters to check, whether multi-valued
 * parameters are allowed, and which parameters may only arrive via POST.
 *
 * <p>NOTE(review): {@code CHARACTERS_TO_FORBID} is hard-coded to {@code "none"}, which
 * presumably turns the forbidden-character check off for all checked parameters. Confirm
 * against the filter's documentation that this is the intended policy.
 *
 * @return the registration for the request-parameter policy filter
 */
@RefreshScope
@Bean
public FilterRegistrationBean requestParameterSecurityFilter() {
    final Map<String, String> policy = new HashMap<>();
    policy.put(RequestParameterPolicyEnforcementFilter.PARAMETERS_TO_CHECK,
            casProperties.getHttpWebRequest().getParamsToCheck());
    policy.put(RequestParameterPolicyEnforcementFilter.CHARACTERS_TO_FORBID, "none");
    policy.put(RequestParameterPolicyEnforcementFilter.ALLOW_MULTI_VALUED_PARAMETERS,
            BooleanUtils.toStringTrueFalse(casProperties.getHttpWebRequest().isAllowMultiValueParameters()));
    policy.put(RequestParameterPolicyEnforcementFilter.ONLY_POST_PARAMETERS,
            casProperties.getHttpWebRequest().getOnlyPostParams());

    final FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setName("requestParameterSecurityFilter");
    registration.setFilter(new RequestParameterPolicyEnforcementFilter());
    registration.setInitParameters(policy);
    registration.addUrlPatterns("/*");
    registration.setAsyncSupported(true);
    return registration;
}
/**
 * Registers a {@link CorsFilter} with the highest filter precedence and one policy for all
 * paths: any origin, six HTTP methods, three request headers, credentials allowed.
 * <a href="https://github.com/spring-projects/spring-boot/issues/5834#issuecomment-296370088">See explanation here</a>
 *
 * <p>NOTE(review): the allowed origin is the wildcard while credentials are enabled. On Spring
 * Framework versions before 5.3 the filter then echoes whatever {@code Origin} the caller
 * sent, so every website may issue credentialed requests; 5.3+ rejects the pair with an
 * {@code IllegalArgumentException}. Prefer an explicit list of trusted origins.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilterBean() {
    final CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowedOrigins(Collections.singletonList("*"));
    policy.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH"));
    // Credentials are enabled because browsers refuse a literal '*' in
    // Access-Control-Allow-Origin when the request's credentials mode is 'include'.
    policy.setAllowCredentials(true);
    // The allowed headers must be declared; otherwise the OPTIONS preflight is answered
    // with "403 Invalid CORS request".
    policy.setAllowedHeaders(Arrays.asList("Authorization", "Cache-Control", "Content-Type"));

    final UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registration;
}
/**
 * Registers Druid's {@code WebStatFilter}, configured from the web-stat section of the
 * given data source properties.
 *
 * <p>The exclusions, session-stat switch and profile switch are always passed on; the session
 * stat maximum, principal session name and principal cookie name are passed only when set.
 *
 * <p>NOTE(review): the principal session/cookie names make the filter attribute statistics to
 * individual users; make sure the Druid statistics console is not reachable without
 * authentication.
 *
 * @param druidDataSourceProperties source of the web-stat settings
 * @return the registration for the web-stat filter
 */
@Bean
public FilterRegistrationBean filterRegistrationBean(DruidDataSourceProperties druidDataSourceProperties) {
    log.debug("druid web-stat-filter init...");
    DruidWebStatProperties webStat = druidDataSourceProperties.getWebStat();

    FilterRegistrationBean statRegistration = new FilterRegistrationBean();
    statRegistration.setFilter(new WebStatFilter());
    statRegistration.addUrlPatterns(webStat.getUrlPatterns());

    statRegistration.addInitParameter("exclusions", webStat.getExclusions());
    statRegistration.addInitParameter("sessionStatEnable", Boolean.toString(webStat.isSessionStatEnable()));

    // Optional settings: only forwarded to the filter when a value is configured.
    boolean hasMaxCount = !StringUtils.isEmpty(webStat.getSessionStatMaxCount());
    if (hasMaxCount) {
        statRegistration.addInitParameter("sessionStatMaxCount", Integer.toString(webStat.getSessionStatMaxCount()));
    }
    boolean hasSessionName = !StringUtils.isEmpty(webStat.getPrincipalSessionName());
    if (hasSessionName) {
        statRegistration.addInitParameter("principalSessionName", webStat.getPrincipalSessionName());
    }
    boolean hasCookieName = !StringUtils.isEmpty(webStat.getPrincipalCookieName());
    if (hasCookieName) {
        statRegistration.addInitParameter("principalCookieName", webStat.getPrincipalCookieName());
    }

    statRegistration.addInitParameter("profileEnable", Boolean.toString(webStat.isProfileEnable()));
    return statRegistration;
}
/**
 * Registers a {@link CorsFilter} at order 0 with one policy for all paths: any origin, any
 * request header, seven explicitly listed HTTP methods, credentials allowed. The filter is
 * wrapped in a {@code FilterRegistrationBean} so that its order can be set.
 *
 * <p>NOTE(review): wildcard origin plus {@code setAllowCredentials(true)} means any site can
 * send credentialed cross-origin requests on Spring Framework versions before 5.3 (the request
 * origin is echoed back); 5.3+ fails with {@code IllegalArgumentException}. Configure the
 * trusted origins explicitly.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilter() {
    CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowCredentials(true);
    policy.addAllowedOrigin("*");
    policy.addAllowedHeader("*");
    policy.addAllowedMethod("OPTIONS");
    policy.addAllowedMethod("HEAD");
    policy.addAllowedMethod("GET");
    policy.addAllowedMethod("PUT");
    policy.addAllowedMethod("POST");
    policy.addAllowedMethod("DELETE");
    policy.addAllowedMethod("PATCH");

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    final FilterRegistrationBean registration =
            new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(0);
    return registration;
}
/**
 * Global CORS configuration, installed as a servlet filter with the highest precedence.
 *
 * <p>The following are the wrong way to work around failing AJAX preflight requests and
 * should not be used:
 * <ul>
 *   <li>{@code http.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/**").permitAll();}</li>
 *   <li>{@code web.ignoring().antMatchers(HttpMethod.OPTIONS)}</li>
 * </ul>
 *
 * <p>Background:
 * https://spring.io/blog/2015/06/08/cors-support-in-spring-framework and
 * https://docs.spring.io/spring-security/site/docs/current/reference/html/cors.html
 *
 * <p>Alternatives: put a CrossOrigin annotation on controller classes or methods, or override
 * {@code addCorsMappings(CorsRegistry registry)} of {@code WebMvcConfigurerAdapter}. The filter
 * registered here overrides the CORS configuration provided by Spring MVC.
 *
 * <p>Allowed origins come from {@code applicationConfig.getAllowedOrigins()} as a
 * comma-separated string; when it is null or empty no origin is set on the policy.
 *
 * <p>NOTE(review): credentials are always enabled, so the configured origin list must never
 * contain the wildcard; consider rejecting such a value at startup.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean initCorsFilter() {
    CorsConfiguration policy = new CorsConfiguration();
    // Credentials are enabled because browsers refuse a literal '*' in
    // Access-Control-Allow-Origin when the request's credentials mode is 'include'.
    policy.setAllowCredentials(true);
    // The allowed headers must be declared; otherwise the OPTIONS preflight is answered
    // with "403 Invalid CORS request".
    policy.setAllowedHeaders(ImmutableList.of("Authorization", "Cache-Control", "Content-Type"));
    policy.addAllowedMethod("*");

    String configuredOrigins = this.applicationConfig.getAllowedOrigins();
    boolean originsConfigured = configuredOrigins != null && !configuredOrigins.isEmpty();
    if (originsConfigured) {
        String[] originList = StringHelper.splitWithoutWhitespace(configuredOrigins, ",");
        policy.setAllowedOrigins(Arrays.asList(originList));
    }

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registration;
}
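/**
 * Builds the servlet filter registration for the Bucket4J filter configured at the given
 * index of {@code properties.getFilters()}.
 *
 * @param position zero-based index into the configured filter list
 * @return the registration for that filter, or {@code null} when no filter is configured at
 *         {@code position}
 */
private FilterRegistrationBean getFilterRegistrationBean(int position) {
    // Range check written without "position + 1" so it cannot overflow, and so that a
    // negative index yields null instead of an IndexOutOfBoundsException from get().
    if (position < 0 || position >= properties.getFilters().size()) {
        return null;
    }

    Bucket4JConfiguration filter = properties.getFilters().get(position);
    FilterConfiguration filterConfig =
            buildFilterConfig(filter, cacheManager, servletFilterExpressionParser(), beanFactory);

    FilterRegistrationBean registration = new FilterRegistrationBean();
    // The position is part of the name so each configured filter gets a distinct registration.
    registration.setName("bucket4JRequestFilter" + position);
    registration.setFilter(new ServletRequestFilter(filterConfig));
    registration.addUrlPatterns(filter.getUrl());
    registration.setOrder(filter.getFilterOrder());
    return registration;
}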
/**
 * Registers the OAuth2 client context filter with an order 10 lower than the order configured
 * in {@code security.getFilter()}, which sorts it ahead of that filter.
 *
 * @param filter the OAuth2 client context filter to register
 * @param security security properties supplying the reference filter order
 * @return the registration for the OAuth2 client context filter
 */
@Bean
public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(
        OAuth2ClientContextFilter filter, SecurityProperties security) {
    int orderBeforeSecurity = security.getFilter().getOrder() - 10;

    FilterRegistrationBean<OAuth2ClientContextFilter> oauthRegistration = new FilterRegistrationBean<>();
    oauthRegistration.setOrder(orderBeforeSecurity);
    oauthRegistration.setFilter(filter);
    return oauthRegistration;
}
/**
 * Registers the tracing filter created from {@code httpTracing} with the highest filter
 * precedence, for all five dispatcher types (async, error, forward, include, request).
 *
 * @param httpTracing tracing component the filter is created from
 * @return the registration for the tracing filter
 */
@Bean
FilterRegistrationBean traceWebFilter(HttpTracing httpTracing) {
    FilterRegistrationBean tracing = new FilterRegistrationBean(TracingFilter.create(httpTracing));
    tracing.setOrder(Ordered.HIGHEST_PRECEDENCE);
    tracing.setDispatcherTypes(ASYNC, ERROR, FORWARD, INCLUDE, REQUEST);
    return tracing;
}
/**
 * Registers a {@code SessionFilter}, constructed with this configuration object, on every
 * request path with the highest filter precedence.
 *
 * @return the registration for the session filter
 */
@Bean
public FilterRegistrationBean filterRegistrationBean() {
    FilterRegistrationBean sessionRegistration = new FilterRegistrationBean(new SessionFilter(this));
    sessionRegistration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    sessionRegistration.addUrlPatterns("/*");
    return sessionRegistration;
}
/**
 * Registers Druid's {@code WebStatFilter} on every request path, excluding static resources
 * and the {@code /druid/*} paths from the statistics.
 *
 * @return the registration for the web-stat filter
 */
@Bean
public FilterRegistrationBean statFilter() {
    // Create the registration around a new statistics filter.
    FilterRegistrationBean statRegistration = new FilterRegistrationBean(new WebStatFilter());
    // Requests matching these patterns are not counted.
    statRegistration.addInitParameter("exclusions", "*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
    // The filter itself is mapped to every path.
    statRegistration.addUrlPatterns("/*");
    return statRegistration;
}
/**
 * Registers {@code historyFilter} for the task endpoints under
 * {@code /api/engine/engine/default/task/}, one step before the lowest possible precedence.
 *
 * @return the registration for the history filter
 */
@Bean
public FilterRegistrationBean setRestApiFilter() {
    FilterRegistrationBean historyRegistration = new FilterRegistrationBean();
    historyRegistration.setName("historyFilter");
    historyRegistration.setFilter(historyFilter);
    historyRegistration.setOrder(Integer.MAX_VALUE - 1);
    historyRegistration.addUrlPatterns("/api/engine/engine/default/task/*");
    return historyRegistration;
}
/**
 * Registers the single sign-out filter on every request path.
 *
 * <p>No explicit order is set on the registration.
 * NOTE(review): if this filter must see requests before the authentication filters do,
 * an explicit order is needed; confirm against the other filter registrations.
 *
 * @return the registration for the single sign-out filter
 */
@Bean
public FilterRegistrationBean singleSignOutFilter() {
    FilterRegistrationBean signOutRegistration = new FilterRegistrationBean();
    signOutRegistration.setFilter(new SingleSignOutFilter());
    signOutRegistration.setName("singleSignOutFilter");
    signOutRegistration.setEnabled(true);
    signOutRegistration.addUrlPatterns("/*");
    return signOutRegistration;
}
/**
 * Registers an {@code ApiOriginFilter} on every request path.
 *
 * @return the registration for the API origin filter
 */
@Bean
public FilterRegistrationBean dawsonApiFilter() {
    FilterRegistrationBean originRegistration = new FilterRegistrationBean();
    originRegistration.addUrlPatterns("/*");
    originRegistration.setFilter(new ApiOriginFilter());
    return originRegistration;
}
/**
 * Registers the Shiro filter: a {@code DelegatingFilterProxy} that delegates to the bean named
 * {@code shiroFilter}, mapped to every request path.
 *
 * @return the registration for the Shiro filter proxy
 */
@Bean
public FilterRegistrationBean filterRegistrationBean() {
    FilterRegistrationBean shiroRegistration = new FilterRegistrationBean();
    shiroRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
    // targetFilterLifecycle defaults to false, meaning the Spring application context manages
    // the target filter's lifecycle; "true" hands lifecycle management to the servlet container.
    shiroRegistration.addInitParameter("targetFilterLifecycle", "true");
    shiroRegistration.addUrlPatterns("/*");
    shiroRegistration.setEnabled(true);
    return shiroRegistration;
}
/**
 * Registers a {@code CharacterEncodingFilter} on every request path, using the encoding and
 * the force-encoding flag from {@code casProperties.getHttpWebRequest().getWeb()}.
 *
 * @return the registration for the character-encoding filter
 */
@RefreshScope
@Bean
public FilterRegistrationBean characterEncodingFilter() {
    final FilterRegistrationBean encodingRegistration = new FilterRegistrationBean();
    encodingRegistration.setFilter(new CharacterEncodingFilter(
            casProperties.getHttpWebRequest().getWeb().getEncoding(),
            casProperties.getHttpWebRequest().getWeb().isForceEncoding()));
    encodingRegistration.setName("characterEncodingFilter");
    encodingRegistration.addUrlPatterns("/*");
    encodingRegistration.setAsyncSupported(true);
    return encodingRegistration;
}
/**
 * Registers a {@link CorsFilter} at order 0 with one policy for all paths: any origin, any
 * request header, any method, credentials allowed.
 *
 * <p>NOTE(review): this is the most permissive CORS policy possible. With a wildcard origin
 * and credentials enabled, Spring Framework versions before 5.3 echo the caller's origin and
 * so let any website act with the user's cookies; 5.3+ rejects the pair with an
 * {@code IllegalArgumentException}. Restrict the origins to the known front-ends.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilter() {
    CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowCredentials(true);
    policy.addAllowedOrigin("*");
    policy.addAllowedHeader("*");
    policy.addAllowedMethod("*");

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(0);
    return registration;
}
/**
 * Registers the OAuth2 client context filter with a fixed order of -100.
 *
 * @param filter the OAuth2 client context filter to register
 * @return the registration for the OAuth2 client context filter
 */
@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
    FilterRegistrationBean oauthRegistration = new FilterRegistrationBean();
    oauthRegistration.setOrder(-100);
    oauthRegistration.setFilter(filter);
    return oauthRegistration;
}
/**
 * Registers {@code ThreadContextMDCServletFilter} on every request path, one position after
 * the highest filter precedence. The filter is built from the ticket registry support and the
 * ticket-granting-ticket cookie generator; no init parameters are supplied.
 *
 * <p>NOTE(review): the filter receives the ticket-granting cookie generator, so it may place
 * ticket-derived values in the logging context; confirm that log output does not expose
 * ticket identifiers.
 *
 * @return the registration for the MDC servlet filter
 */
@Bean
public FilterRegistrationBean threadContextMDCServletFilter() {
    final Map<String, String> noInitParams = new HashMap<>();

    final FilterRegistrationBean mdcRegistration = new FilterRegistrationBean();
    mdcRegistration.setName("threadContextMDCServletFilter");
    mdcRegistration.setFilter(
            new ThreadContextMDCServletFilter(ticketRegistrySupport, this.ticketGrantingTicketCookieGenerator));
    mdcRegistration.setInitParameters(noInitParams);
    mdcRegistration.addUrlPatterns("/*");
    mdcRegistration.setOrder(Ordered.HIGHEST_PRECEDENCE + 1);
    return mdcRegistration;
}
/**
 * Registers the project's {@code CORSFilter} on every request path at order 1, under the
 * name "CORS Filter".
 *
 * @return the registration for the CORS filter
 */
@Bean
public FilterRegistrationBean corsFilterRegistration() {
    FilterRegistrationBean corsRegistration = new FilterRegistrationBean();
    corsRegistration.setFilter(new CORSFilter());
    corsRegistration.setOrder(1);
    corsRegistration.addUrlPatterns("/*");
    corsRegistration.setName("CORS Filter");
    return corsRegistration;
}
/**
 * Registers a {@link CorsFilter} at order 0 whose policy for all paths is Spring's permit
 * defaults plus the PUT, PATCH and DELETE methods.
 *
 * <p>NOTE(review): {@code applyPermitDefaultValues()} allows every origin, so the
 * state-changing methods added here are open to any website as well. Whether credentials are
 * allowed by those defaults depends on the Spring Framework version; confirm for the version
 * in use and restrict the origins if cookies or HTTP authentication are involved.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilter() {
    CorsConfiguration policy = new CorsConfiguration().applyPermitDefaultValues();
    // Methods added on top of the permit defaults.
    policy.addAllowedMethod(HttpMethod.PUT);
    policy.addAllowedMethod(HttpMethod.PATCH);
    policy.addAllowedMethod(HttpMethod.DELETE);

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(0);
    return registration;
}
/**
 * Registers the given OAuth2 client context filter at order -100.
 *
 * @param filter the OAuth2 client context filter to register
 * @return the registration for the OAuth2 client context filter
 */
@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
        OAuth2ClientContextFilter filter) {
    FilterRegistrationBean clientContextRegistration = new FilterRegistrationBean();
    clientContextRegistration.setOrder(-100);
    clientContextRegistration.setFilter(filter);
    return clientContextRegistration;
}
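/**
 * Registers {@code WebRequestTrackingFilter} on every request path at order 1.
 *
 * <p>The mapping is the servlet path pattern {@code "/*"}. The Ant-style double-star form is
 * not a servlet wildcard: a servlet container treats it as an exact path, so a filter mapped
 * that way is not applied to ordinary requests.
 *
 * @return the registration for the request-tracking filter
 */
@Bean
public FilterRegistrationBean aiFilterRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new WebRequestTrackingFilter());
    // Servlet URL patterns use "/*" for "everything"; Ant-style patterns are not understood here.
    registration.addUrlPatterns("/*");
    registration.setOrder(1);
    return registration;
}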
/**
 * Registers a {@link CorsFilter} with the highest filter precedence and one policy for all
 * paths: any origin, any request header, any method, credentials allowed.
 *
 * <p>NOTE(review): allowing credentials for a wildcard origin removes the protection CORS is
 * meant to give. Spring Framework versions before 5.3 respond by echoing the request origin,
 * so any site can call the API with the user's cookies; 5.3+ throws
 * {@code IllegalArgumentException} for this pair. Use an explicit allow-list of origins.
 *
 * @return the registration wrapping the configured CORS filter
 */
@Bean
public FilterRegistrationBean corsFilter() {
    CorsConfiguration policy = new CorsConfiguration();
    policy.setAllowCredentials(true);
    policy.addAllowedOrigin("*");
    policy.addAllowedHeader("*");
    policy.addAllowedMethod("*");

    UrlBasedCorsConfigurationSource policyByPath = new UrlBasedCorsConfigurationSource();
    policyByPath.registerCorsConfiguration("/**", policy);

    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(policyByPath));
    registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registration;
}
/**
 * Registers the Shiro filter: a {@code DelegatingFilterProxy} that delegates to the bean named
 * {@code shiroFilter}, mapped to every request path, one step before the lowest precedence.
 *
 * <p>NOTE(review): with this order the Shiro filter sorts after nearly every other ordered
 * filter, so those filters handle requests before Shiro's checks run; confirm that none of
 * them relies on Shiro's decisions.
 *
 * @return the registration for the Shiro filter proxy
 */
@Bean
public FilterRegistrationBean shiroFilterRegistration() {
    FilterRegistrationBean shiroRegistration = new FilterRegistrationBean();
    shiroRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
    // targetFilterLifecycle defaults to false, meaning the Spring application context manages
    // the target filter's lifecycle; "true" hands lifecycle management to the servlet container.
    shiroRegistration.addInitParameter("targetFilterLifecycle", "true");
    shiroRegistration.setOrder(Integer.MAX_VALUE - 1);
    shiroRegistration.addUrlPatterns("/*");
    shiroRegistration.setEnabled(true);
    return shiroRegistration;
}
/**
 * Registers the project's {@code XssFilter} on every request path, for the REQUEST dispatcher
 * type only, with the lowest possible precedence.
 *
 * <p>NOTE(review): at {@code Integer.MAX_VALUE} this filter sorts after every other ordered
 * filter, so earlier filters read the request before it is processed here, and forward,
 * include and error dispatches are not covered. Confirm both are intended. Request filtering
 * also does not replace output encoding in the views.
 *
 * @return the registration for the XSS filter
 */
@Bean
public FilterRegistrationBean xssFilterRegistration() {
    FilterRegistrationBean xssRegistration = new FilterRegistrationBean();
    xssRegistration.setName("xssFilter");
    xssRegistration.setFilter(new XssFilter());
    xssRegistration.setDispatcherTypes(DispatcherType.REQUEST);
    xssRegistration.setOrder(Integer.MAX_VALUE);
    xssRegistration.addUrlPatterns("/*");
    return xssRegistration;
}
/**
 * Registers Druid's {@code WebStatFilter} on every request path, excluding static resources
 * and the {@code /druid2/*} paths from the statistics.
 *
 * @return the registration for the web-stat filter
 */
@Bean
public FilterRegistrationBean druidStatFilter() {
    FilterRegistrationBean statRegistration = new FilterRegistrationBean(new WebStatFilter());
    // Requests matching these patterns are left out of the statistics.
    statRegistration.addInitParameter("exclusions", "*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid2/*");
    // The filter itself is mapped to every path.
    statRegistration.addUrlPatterns("/*");
    return statRegistration;
}
/**
 * Registers the filter returned by {@code characterEncodingFilter()} on every request path at
 * order 1, under the name "CharacterEncodingFilter".
 *
 * @return the registration for the character-encoding filter
 */
@Bean
public FilterRegistrationBean characterEncodingFilterRegistration() {
    FilterRegistrationBean encodingRegistration = new FilterRegistrationBean();
    encodingRegistration.setFilter(characterEncodingFilter());
    encodingRegistration.setOrder(1);
    encodingRegistration.addUrlPatterns("/*");
    encodingRegistration.setName("CharacterEncodingFilter");
    return encodingRegistration;
}
/**
 * Registers the filter returned by {@code bootstrapVerificationFiler()} on every request path
 * at order 1, under the name "BootstrapVerificationFilter".
 *
 * @return the registration for the bootstrap verification filter
 */
@Bean
public FilterRegistrationBean bootstrapVerificationFilterRegistration() {
    FilterRegistrationBean bootstrapRegistration = new FilterRegistrationBean();
    bootstrapRegistration.setName("BootstrapVerificationFilter");
    bootstrapRegistration.setFilter(bootstrapVerificationFiler());
    bootstrapRegistration.setOrder(1);
    bootstrapRegistration.addUrlPatterns("/*");
    return bootstrapRegistration;
}
/**
 * Registers the filter returned by {@code requestEncodingFilter()} on every request path at
 * order 4, passing {@code encoding=UTF-8} as its init parameter.
 *
 * @return the registration for the request-encoding filter
 */
@Bean
public FilterRegistrationBean requestEncodingFilterRegistration() {
    FilterRegistrationBean encodingRegistration = new FilterRegistrationBean();
    encodingRegistration.setName("RequestEncodingFilter");
    encodingRegistration.setFilter(requestEncodingFilter());
    encodingRegistration.addInitParameter("encoding", "UTF-8");
    encodingRegistration.setOrder(4);
    encodingRegistration.addUrlPatterns("/*");
    return encodingRegistration;
}
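/**
 * Registers the filter returned by {@code cacheFilter()} at order 5 for the static resource
 * paths and the cover-art and avatar views, passing {@code Cache-Control: max-age=36000}
 * (ten hours) as its init parameter.
 *
 * <p>NOTE(review): {@code /coverArt.view} and {@code /avatar.view} are cached with the same
 * lifetime as static files; if their content depends on the logged-in user, confirm the
 * response is not stored by shared caches.
 *
 * @return the registration for the cache filter
 */
@Bean
public FilterRegistrationBean cacheFilterRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(cacheFilter());
    // "/icons/*" was listed twice in the original pattern list; one entry is enough.
    registration.addUrlPatterns(
            "/icons/*",
            "/style/*",
            "/script/*",
            "/dwr/*",
            "/coverArt.view",
            "/avatar.view");
    registration.addInitParameter("Cache-Control", "max-age=36000");
    registration.setName("CacheFilter");
    registration.setOrder(5);
    return registration;
}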