- Timestamp:
- 09/17/22 01:23:47 (2 years ago)
- Branches:
- master
- Children:
- 7e88e46
- Parents:
- e5b84dc
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/configs/WebSecurityConfig.java
re5b84dc r775e15e 29 29 @Override 30 30 protected void configure(HttpSecurity http) throws Exception { 31 // http 32 // .csrf().disable() 33 // .authorizeRequests() 34 // .antMatchers("/registration/**") 35 // .permitAll() 36 // .anyRequest() 37 // .authenticated().and() 38 // .formLogin(); 31 39 32 40 33 http.csrf().disable(); 41 34 http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); 42 // http.authorizeRequests().antMatchers(GET,"/phones").hasAnyAuthority("USER"); 43 http.authorizeRequests().anyRequest().permitAll(); 35 36 http.authorizeRequests() 37 .and() 38 .authorizeRequests() 39 .antMatchers("/user/**") 40 .hasAnyAuthority("USER","ADMIN", "SUPERADMIN") 41 .and() 42 .authorizeRequests() 43 .antMatchers("/management/**") 44 .hasAnyAuthority("SUPERADMIN") 45 .anyRequest().permitAll(); 46 47 48 44 49 http.addFilter(new CustomAuthenticationFilter(authenticationManagerBean())); 45 50 http.addFilterBefore(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class);
Note:
See TracChangeset
for help on using the changeset viewer.