- Timestamp:
- 02/02/22 14:15:35 (2 years ago)
- Branches:
- master
- Children:
- df4089c
- Parents:
- 9ff45d6
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sources/app/src/main/java/parkup/configs/webConfigs/WebSecurityConfig.java
r9ff45d6 r9dd526f 3 3 import org.springframework.context.annotation.Bean; 4 4 import org.springframework.context.annotation.Configuration; 5 import org.springframework.security.authentication. dao.DaoAuthenticationProvider;5 import org.springframework.security.authentication.AuthenticationManager; 6 6 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 7 7 import org.springframework.security.config.annotation.web.builders.HttpSecurity; … … 9 9 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 10 10 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 11 import parkup.services.RegistriranParkiracService; 12 import parkup.services.VrabotenService; 11 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 12 import org.springframework.web.cors.CorsConfiguration; 13 import parkup.configs.CustomAuthenticationFilter; 14 import parkup.configs.CustomAuthorizationFilter; 15 import parkup.services.AdministratorService; 16 import parkup.services.RegisteredUserService; 17 import parkup.services.WorkerService; 18 19 import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS; 13 20 14 21 @EnableWebSecurity 15 22 @Configuration 16 23 public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 17 private final VrabotenService vrabotenService;24 private final WorkerService workerService; 18 25 private final BCryptPasswordEncoder bCryptPasswordEncoder; 19 private final RegistriranParkiracService registriranParkiracService; 26 private final RegisteredUserService registeredUserService; 27 private final AdministratorService administratorService; 20 28 21 public WebSecurityConfig( VrabotenService vrabotenService, BCryptPasswordEncoder bCryptPasswordEncoder, RegistriranParkiracService registriranParkiracService) {22 this. vrabotenService = vrabotenService;29 public WebSecurityConfig(WorkerService workerService, BCryptPasswordEncoder bCryptPasswordEncoder, RegisteredUserService registeredUserService, AdministratorService administratorService) { 30 this.workerService = workerService; 23 31 this.bCryptPasswordEncoder = bCryptPasswordEncoder; 24 this.registriranParkiracService = registriranParkiracService; 32 this.registeredUserService = registeredUserService; 33 this.administratorService = administratorService; 34 } 35 36 @Override 37 protected void configure(AuthenticationManagerBuilder auth) throws Exception { 38 auth.userDetailsService(registeredUserService).passwordEncoder(bCryptPasswordEncoder); 39 auth.userDetailsService(workerService).passwordEncoder(bCryptPasswordEncoder); 40 auth.userDetailsService(administratorService).passwordEncoder(bCryptPasswordEncoder); 25 41 } 26 42 27 43 @Override 28 44 protected void configure(HttpSecurity http) throws Exception { 29 http 30 .csrf().disable() 31 .authorizeRequests() 32 .antMatchers("/registriranParkirac/registration/**") 33 .permitAll() 34 .anyRequest() 35 .authenticated().and().formLogin();//ruta na viktor 36 } 37 38 @Override 39 protected void configure(AuthenticationManagerBuilder auth) throws Exception { 40 auth.authenticationProvider(daoAuthenticationProviderW()); 41 auth.authenticationProvider(daoAuthenticationProviderRP()); 45 CustomAuthenticationFilter customAuthenticationFilter = new CustomAuthenticationFilter(authenticationManagerBean()); 46 customAuthenticationFilter.setFilterProcessesUrl("/api/login"); 47 http.csrf().disable(); 48 http.cors().configurationSource(request -> new CorsConfiguration().applyPermitDefaultValues()); 49 http.sessionManagement().sessionCreationPolicy(STATELESS); 50 http.authorizeRequests().antMatchers("/**").permitAll(); 51 // http.authorizeRequests().antMatchers("/user/registration/**", "/home/markers","/home/getLocation/**","/api/login/**","/home").permitAll(); 52 // http.authorizeRequests().antMatchers( "/user/setFavourite/**","user/favourites").hasAuthority("ROLE_USER"); 53 // http.authorizeRequests().antMatchers( "/home/**").hasAuthority("ROLE_ADMIN"); 54 // http.authorizeRequests().anyRequest().authenticated(); 55 http.addFilter(customAuthenticationFilter); 56 http.addFilterBefore(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class); 42 57 } 43 58 44 59 @Bean 45 public DaoAuthenticationProvider daoAuthenticationProviderW() { 46 DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); 47 provider.setPasswordEncoder(bCryptPasswordEncoder); 48 provider.setUserDetailsService(vrabotenService); 49 return provider; 60 @Override 61 public AuthenticationManager authenticationManagerBean() throws Exception { 62 return super.authenticationManagerBean(); 50 63 } 51 64 52 @Bean53 public DaoAuthenticationProvider daoAuthenticationProviderRP(){54 DaoAuthenticationProvider provider = new DaoAuthenticationProvider();55 provider.setPasswordEncoder(bCryptPasswordEncoder);56 provider.setUserDetailsService(registriranParkiracService);57 return provider;58 }59 65 60 66 }
Note:
See TracChangeset
for help on using the changeset viewer.
