@Bean public FilterRegistrationBean filterRegistrationBean() { final UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource(); final CorsConfiguration corsConfiguration = new CorsConfiguration(); corsConfiguration.setAllowCredentials(corsSupportProperties.isAllowCredentials()); corsConfiguration.addAllowedOrigin(corsSupportProperties.getAllowOrigin()); corsConfiguration.addAllowedHeader(corsSupportProperties.getAllowHeader()); corsConfiguration.addAllowedMethod(corsSupportProperties.getAllowMethod()); urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration); CorsFilter corsFilter = new CorsFilter(urlBasedCorsConfigurationSource); FilterRegistrationBean registration = new FilterRegistrationBean(corsFilter); registration.addUrlPatterns("/*"); registration.setOrder(Ordered.HIGHEST_PRECEDENCE); return registration; }
@Bean public FilterRegistrationBean wicketFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); WicketFilter wicketFilter = new WicketFilter(); registration.setFilter(wicketFilter); registration.setName("wicketFilter"); registration.addInitParameter(WicketFilter.APP_FACT_PARAM, SpringWebApplicationFactory.class.getName()); registration.addInitParameter("configuration", configuration); registration.addInitParameter("testsMode", String.valueOf(testMode)); registration.addInitParameter("mockMode",String.valueOf(mockMode)); registration.addInitParameter(WicketFilter.FILTER_MAPPING_PARAM, "/portal/*"); registration.addInitParameter(WicketFilter.IGNORE_PATHS_PARAM,"/favicon.ico"); registration.addUrlPatterns("/portal/*"); registration.setDispatcherTypes(DispatcherType.REQUEST,DispatcherType.FORWARD); registration.setMatchAfter(true); return registration; }
@Bean public FilterRegistrationBean authenticationFilter() { FilterRegistrationBean casFilter = new FilterRegistrationBean(); Map<String, String> filterInitParam = Maps.newHashMap(); filterInitParam.put("redisClusterName", "casClientPrincipal"); filterInitParam.put("serverName", portalConfig.portalServerName()); filterInitParam.put("casServerLoginUrl", portalConfig.casServerLoginUrl()); //we don't want to use session to store login information, since we will be deployed to a cluster, not a single instance filterInitParam.put("useSession", "false"); filterInitParam.put("/openapi.*", "exclude"); casFilter.setInitParameters(filterInitParam); casFilter.setFilter(filter("com.ctrip.framework.apollo.sso.filter.ApolloAuthenticationFilter")); casFilter.addUrlPatterns("/*"); casFilter.setOrder(2); return casFilter; }
@Bean public FilterRegistrationBean correlationIdFilter() { return new FilterRegistrationBean(new Filter() { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { chain.doFilter(request, response); } @Override public void destroy() { } }); }
/** * Enables CORS * * @return */ @Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); source.registerCorsConfiguration("/**", config); final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(0); return bean; }
/** * * This allows access to the REST interface from client web code served up by a * different URL than this one, i.e. cross-site scripting. * * http://stackoverflow.com/questions/31724994/spring-data-rest-and-cors * http://stackoverflow.com/a/31748398/122441 until https://jira.spring.io/browse/DATAREST-573 * @return */ @Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); source.registerCorsConfiguration("/**", config); // return new CorsFilter(source); final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(0); return bean; }
@Override public void doHandle(Map<String, Object> attributes, BeanDefinition beanDefinition, BeanDefinitionRegistry registry) { BeanDefinitionBuilder builder = BeanDefinitionBuilder .rootBeanDefinition(FilterRegistrationBean.class); builder.addPropertyValue("asyncSupported", attributes.get("asyncSupported")); builder.addPropertyValue("dispatcherTypes", extractDispatcherTypes(attributes)); builder.addPropertyValue("filter", beanDefinition); builder.addPropertyValue("initParameters", extractInitParameters(attributes)); String name = determineName(attributes, beanDefinition); builder.addPropertyValue("name", name); builder.addPropertyValue("servletNames", attributes.get("servletNames")); builder.addPropertyValue("urlPatterns", extractUrlPatterns("urlPatterns", attributes)); registry.registerBeanDefinition(name, builder.getBeanDefinition()); }
@Bean public FilterRegistrationBean rewriteFilterConfig() { FilterRegistrationBean reg = new FilterRegistrationBean(); reg.setName(REWRITE_FILTER_NAME); reg.setFilter(new UrlRewriteFilter()); reg.addInitParameter("confPath", REWRITE_FILTER_CONF_PATH); reg.addInitParameter("confReloadCheckInterval", "-1"); reg.addInitParameter("statusPath", "/redirect"); reg.addInitParameter("statusEnabledOnHosts", "*"); reg.addInitParameter("logLevel", "WARN"); return reg; }
@Bean public FilterRegistrationBean xssFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(new XssFilter()); // Default values if not set if (properties.getUrlPattern() == null || properties.getUrlPattern().isEmpty()){ properties.setUrlPattern(DEFAULT_URL_PATTERN); } if (properties.getMatch() == null || properties.getMatch().isEmpty()){ properties.setMatch(DEFAULT_MATCH); } if (properties.getExclude() == null || properties.getExclude().isEmpty()){ properties.setExclude(DEFAULT_EXCLUDE); } if (properties.getWildcards() == null){ properties.setWildcards(DEFAULT_WILCARDS); } registration.addUrlPatterns(properties.getUrlPattern()); registration.setInitParameters(properties.getAsInitParameters()); return registration; }
@Bean public FilterRegistrationBean mongoFilterBean() { FilterRegistrationBean registrationBean = new FilterRegistrationBean(); registrationBean.setFilter(mongoFilter); List<String> urls = new ArrayList<String>(); urls.add("/"); urls.add("/user"); urls.add("/login"); urls.add("/history/*"); urls.add("/features/*"); urls.add("/admin/*"); urls.add("/pipelines/*"); urls.add("/api/output/*"); registrationBean.setUrlPatterns(urls); return registrationBean; }
@Bean public FilterRegistrationBean threadLocalFilter() { Filter filter = new MDCServletFilter(); FilterRegistrationBean registration = new FilterRegistrationBean(filter); registration.setOrder(Ordered.HIGHEST_PRECEDENCE); registration.setName(MDCServletFilter.class.getSimpleName()); return registration; }
@Bean public FilterRegistrationBean corsFilter() { FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(); filterRegistrationBean.setFilter(new CORSFilter()); filterRegistrationBean.setDispatcherTypes(DispatcherType.REQUEST); filterRegistrationBean.setUrlPatterns(Arrays.asList("/*")); filterRegistrationBean.setOrder(Integer.MIN_VALUE + 1000); return filterRegistrationBean; }
@Bean public FilterRegistrationBean httpMethodFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(httpMethodFilter()); registration.addUrlPatterns("/*"); registration.setName("httpMethodFilter"); registration.setOrder(Ordered.HIGHEST_PRECEDENCE + 1); return registration; }
@Bean public FilterRegistrationBean openApiAuthenticationFilter(ConsumerAuthUtil consumerAuthUtil, ConsumerAuditUtil consumerAuditUtil) { FilterRegistrationBean openApiFilter = new FilterRegistrationBean(); openApiFilter.setFilter(new ConsumerAuthenticationFilter(consumerAuthUtil, consumerAuditUtil)); openApiFilter.addUrlPatterns("/openapi/*"); return openApiFilter; }
@Bean public FilterRegistrationBean casFilter() { FilterRegistrationBean singleSignOutFilter = new FilterRegistrationBean(); singleSignOutFilter.setFilter(filter("org.jasig.cas.client.session.SingleSignOutFilter")); singleSignOutFilter.addUrlPatterns("/*"); singleSignOutFilter.setOrder(1); return singleSignOutFilter; }
@Bean public FilterRegistrationBean assertionHolder() { FilterRegistrationBean assertionHolderFilter = new FilterRegistrationBean(); Map<String, String> filterInitParam = Maps.newHashMap(); filterInitParam.put("/openapi.*", "exclude"); assertionHolderFilter.setInitParameters(filterInitParam); assertionHolderFilter.setFilter(filter("com.ctrip.framework.apollo.sso.filter.ApolloAssertionThreadLocalFilter")); assertionHolderFilter.addUrlPatterns("/*"); assertionHolderFilter.setOrder(4); return assertionHolderFilter; }
@Bean public FilterRegistrationBean userAccessFilter() { FilterRegistrationBean filter = new FilterRegistrationBean(); filter.setFilter(new UserAccessFilter(userInfoHolder)); filter.addUrlPatterns("/*"); return filter; }
@Bean public FilterRegistrationBean encodingFilter() { FilterRegistrationBean bean = new FilterRegistrationBean(); bean.setFilter(new CharacterEncodingFilter()); bean.addInitParameter("encoding", "UTF-8"); //FIXME: https://github.com/Netflix/eureka/issues/702 // bean.addInitParameter("forceEncoding", "true"); bean.setName("encodingFilter"); bean.addUrlPatterns("/*"); bean.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.FORWARD); return bean; }
@Bean public FilterRegistrationBean filterRegistrationBean() { final FilterRegistrationBean registrationBean = new FilterRegistrationBean(); final StrutsPrepareAndExecuteFilter struts = new StrutsPrepareAndExecuteFilter(); registrationBean.setFilter(struts); registrationBean.setOrder(1); return registrationBean; }
@Bean public FilterRegistrationBean mdcLoggingFilter() { FilterRegistrationBean bean = new FilterRegistrationBean(); bean.setFilter(new MDCLoggingFilter()); bean.setOrder(1); return bean; }
@Bean(name = "shiroFilter") @DependsOn("securityManager") @ConditionalOnMissingBean public FilterRegistrationBean filterRegistrationBean(SecurityManager securityManager) throws Exception { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); //该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理 filterRegistration.addInitParameter("targetFilterLifecycle", "true"); filterRegistration.setFilter((Filter) getShiroFilterFactoryBean(securityManager).getObject()); filterRegistration.setEnabled(true); filterRegistration.addUrlPatterns("/*"); return filterRegistration; }
/** * druid的url监控 * @return */ @Bean public FilterRegistrationBean webStatFilter(){ WebStatFilter filter = new WebStatFilter(); FilterRegistrationBean bean = new FilterRegistrationBean(filter); bean.addUrlPatterns("/*"); bean.addInitParameter("exclusions", "*.js,*.gif,*.jpg,*.png,*.css,*.ico,*.font,/druid/*"); return bean; }
@Bean() FilterRegistrationBean FilterRegistrationBean() { final FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(); filterRegistrationBean.setFilter(new DelegatingFilterProxy("springSecurityFilterChain")); filterRegistrationBean.setName("springSecurityFilterChain"); filterRegistrationBean.addUrlPatterns("/api/*"); return filterRegistrationBean; }
@Override public void doHandle(Map<String, Object> attributes, BeanDefinition beanDefinition, BeanDefinitionRegistry registry) { BeanDefinitionBuilder builder = BeanDefinitionBuilder.rootBeanDefinition(FilterRegistrationBean.class); builder.addPropertyValue("asyncSupported", attributes.get("asyncSupported")); builder.addPropertyValue("dispatcherTypes", extractDispatcherTypes(attributes)); builder.addPropertyValue("filter", beanDefinition); builder.addPropertyValue("initParameters", extractInitParameters(attributes)); String name = determineName(attributes, beanDefinition); builder.addPropertyValue("name", name); builder.addPropertyValue("servletNames", attributes.get("servletNames")); builder.addPropertyValue("urlPatterns", extractUrlPatterns("urlPatterns", attributes)); registry.registerBeanDefinition(name, builder.getBeanDefinition()); }
@Bean protected FilterRegistrationBean oauth2ClientFilterRegistration( OAuth2ClientContextFilter filter) { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(filter); //register it with a sufficiently low order that it comes before the main Spring Security filter. //In this way we can use it to handle redirects signaled by exceptions in authentication requests. registration.setOrder(-100); return registration; }
@Bean FilterRegistrationBean noHttpSessionFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new NoHttpSessionFilter()); registration.addUrlPatterns("/*"); return registration; }
@Bean FilterRegistrationBean httpsOnlyFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new HttpsOnlyFilter()); registration.addUrlPatterns("/*"); return registration; }
@Bean protected FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(filter); registration.setOrder(-100); return registration; }
@Bean public FilterRegistrationBean oauth2ClientFilterRegistration( OAuth2ClientContextFilter filter) { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(filter); registration.setOrder(-100); return registration; }
/** * 注册DelegatingFilterProxy(Shiro) * * @param dispatcherServlet * @return * @author SHANHY * @create 2016年1月13日 */ @Bean public FilterRegistrationBean filterRegistrationBean() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter")); // 该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理 filterRegistration.addInitParameter("targetFilterLifecycle", "true"); filterRegistration.setEnabled(true); filterRegistration.addUrlPatterns("/*"); return filterRegistration; }
