/**
 * Declares the HTTP security rules for the application.
 *
 * <p>Unauthenticated requests are answered through a {@code Http401AuthenticationEntryPoint},
 * credentials are checked by the provider returned from {@code getProvider()}, and both
 * form login (processed at {@code /logins/login}) and HTTP Basic are enabled.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>CSRF protection is left at the framework default (enabled), because the
 *       {@code csrf().disable()} call is only present as a comment. With it enabled,
 *       state-changing requests (POST, PUT, DELETE, PATCH) that carry no valid CSRF
 *       token are rejected with 403 Forbidden even when the caller is authenticated.</li>
 *   <li>Authorization rules are evaluated in declaration order; any path not listed
 *       explicitly falls through to {@code anyRequest().authenticated()}.</li>
 *   <li>{@code NullRequestCache} means the originally requested URL is not stored for
 *       replay after a successful login.</li>
 * </ul>
 *
 * @param http the security builder supplied by the framework
 * @throws Exception if any configurer rejects the configuration
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // CSRF stays on: the line below is intentionally kept as a comment only.
    // .csrf().disable()

    // Requests without valid credentials get a 401 from this entry point.
    http.exceptionHandling()
            .authenticationEntryPoint(new Http401AuthenticationEntryPoint("App header"));

    http.authenticationProvider(getProvider());

    // Form login: only the processing URL is customised; handlers are the stock ones.
    http.formLogin()
            .loginProcessingUrl("/logins/login")
            .successHandler(new SimpleUrlAuthenticationSuccessHandler())
            .failureHandler(new SimpleUrlAuthenticationFailureHandler());

    // HTTP Basic is registered once; asking for it again would return the same configurer.
    http.httpBasic();

    // Logout drops the server-side session so the old JSESSIONID stops being usable.
    http.logout()
            .logoutUrl("/logout")
            .logoutSuccessHandler(new AuthentificationLogoutSuccessHandler())
            .invalidateHttpSession(true);

    // Access rules, most specific first; everything unlisted requires authentication.
    http.authorizeRequests()
            .antMatchers("/docs").hasAnyRole(Role.USER.name(), Role.ADMIN.toString())
            .antMatchers("/logins/login").permitAll()
            .antMatchers("/logout").permitAll()
            .anyRequest().authenticated();

    // Do not remember the pre-login request.
    http.requestCache()
            .requestCache(new NullRequestCache());

    // Diagnostic output comparing the two string forms of the role constant.
    System.out.println(" 1 : " + Role.USER.name() + " --- " + Role.USER.toString());
}
- [ X-Frame-Options=[DENY],
- Transfer-Encoding=[chunked],
- Strict-Transport-Security=[max-age=31536000 ; includeSubDomains],
- Cache-Control=[private],
- X-Content-Type-Options=[nosniff],
- Set-Cookie=[JSESSIONID=615FD3642011AE7558D598255D10C85E; Path=/; Secure; HttpOnly],
- Expires=[Thu, 01 Jan 1970 01:00:00 CET],
- X-XSS-Protection=[1; mode=block],
- Date=[Wed, 25 Apr 2018 21:35:16 GMT],
- Content-Type=[application/json;charset=UTF-8]]
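// Automatic cookie handling is switched off in the underlying client, so the session
// cookie has to be forwarded by hand through a default header (see below).
HttpClient httpClient = HttpClients.custom()
        .disableCookieManagement()
        .build();
Unirest.setHttpClient(httpClient);

// HTTP header names are case-insensitive, so match "Set-Cookie" regardless of case.
Predicate<? super Map.Entry<String, List<String>>> prdct =
        (key) -> "Set-Cookie".equalsIgnoreCase(key.getKey());

// Fail with an explicit message when the login response carries no cookie, instead of
// an unchecked Optional.get() / List.get(0) blowing up without context.
// NOTE(review): only the first Set-Cookie value is used; confirm the server never
// sends the session cookie after another cookie.
final String jSessionID = asJson.getHeaders().entrySet().stream()
        .filter(prdct)
        .findFirst()
        .map(Map.Entry::getValue)
        .filter(values -> !values.isEmpty())
        .map(values -> values.get(0))
        .orElseThrow(() -> new IllegalStateException("Login response carried no Set-Cookie header"));

// Keep only the leading name=value pair; attributes such as Path/Secure/HttpOnly are
// instructions to the client and must not be echoed back in the Cookie header.
final String sessionCookie = jSessionID.split(";", 2)[0];

// The session identifier is a bearer credential: anyone holding it can act as the
// logged-in user, so it is deliberately not written to stdout or logs.

// NOTE(review): these are process-wide defaults, so the session cookie and the Basic
// credentials are attached to every later Unirest request, whatever its destination.
// Replaying the session cookie does not supply a CSRF token; if the server keeps CSRF
// protection enabled, state-changing requests can still be answered with 403 — confirm
// against the request method being used.
Unirest.setDefaultHeader("Cookie", sessionCookie);
Unirest.setDefaultHeader("authorization", "Basic " + value);
Unirest.setDefaultHeader("Content-Type", "application/json");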
- {"timestamp":"2018-04-25T21:35:32.659+0000","status":403,"error":"Forbidden","message":"Forbidden","path":"/user/1"}