- Timestamp:
- 09/04/21 11:14:25 (3 years ago)
- Branches:
- master
- Children:
- ab49338
- Parents:
- 194776a
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/it/finki/charitable/security/SecurityConfig.java
r194776a r5306751 7 7 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 8 8 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 9 import org.springframework.security.core.Authentication; 9 10 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 11 import org.springframework.security.web.DefaultRedirectStrategy; 12 import org.springframework.security.web.RedirectStrategy; 13 import org.springframework.security.web.authentication.AuthenticationSuccessHandler; 10 14 import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 15 16 import javax.servlet.ServletException; 17 import javax.servlet.http.HttpServletRequest; 18 import javax.servlet.http.HttpServletResponse; 19 import java.io.IOException; 11 20 12 21 @Configuration … … 40 49 .authorizeRequests() 41 50 .antMatchers(publicMatchers).permitAll() 42 .antMatchers("/moderator-photos/**" ).hasAuthority(UserRole.MODERATOR.name())43 .anyRequest(). authenticated();51 .antMatchers("/moderator-photos/**", "/moderator/**").hasAuthority(UserRole.MODERATOR.name()) 52 .anyRequest().hasAuthority(UserRole.USER.name()); 44 53 45 54 http … … 47 56 .cors().disable() 48 57 .formLogin().loginPage("/login") 49 . defaultSuccessUrl("/", true)58 .successHandler(authenticationSuccessHandler) 50 59 .and() 51 60 .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) … … 55 64 } 56 65 66 AuthenticationSuccessHandler authenticationSuccessHandler = (httpServletRequest, httpServletResponse, authentication) -> { 67 RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); 68 if(authentication.getAuthorities().toString().contains("MODERATOR")) { 69 redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/moderator/approval"); 70 } else { 71 redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/"); 72 } 73 }; 74 57 75 @Override 58 76 protected void configure(AuthenticationManagerBuilder auth) throws Exception {
Note:
See TracChangeset
for help on using the changeset viewer.