Context Navigation

source: src/main/java/edu/gjoko/schedlr/config/AppSecurityConfig.java@ 8bcd64c

Last change on this file since 8bcd64c was 8bcd64c, checked in by Gjoko Kostadinov <gjoko.kostadinov@…>, 15 months ago
Add admin functionality and business admin functionality.
Property mode set to `100644`
File size: 3.1 KB

Rev	Line
[cf9cdbf]	1	package edu.gjoko.schedlr.config;
	2
[401a211]	3	import edu.gjoko.schedlr.services.PostgresUserDetailsService;
[8bcd64c]	4	import lombok.AllArgsConstructor;
[cf9cdbf]	5	import org.springframework.context.annotation.Bean;
	6	import org.springframework.context.annotation.Configuration;
[401a211]	7	import org.springframework.security.authentication.AuthenticationManager;
	8	import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
[cf9cdbf]	9	import org.springframework.security.config.annotation.web.builders.HttpSecurity;
[401a211]	10	import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
	11	import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
[cf9cdbf]	12	import org.springframework.security.config.core.GrantedAuthorityDefaults;
	13	import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
[8bcd64c]	14	import org.springframework.security.web.access.AccessDeniedHandler;
	15	import org.springframework.security.web.authentication.AuthenticationFailureHandler;
[401a211]	16	import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
[cf9cdbf]	17	import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
	18
	19	@Configuration
[401a211]	20	@EnableWebSecurity
[8bcd64c]	21	@AllArgsConstructor
[401a211]	22	public class AppSecurityConfig extends WebSecurityConfigurerAdapter {
	23
	24	private final PostgresUserDetailsService userDetailsService;
	25
	26	private final BCryptPasswordEncoder passwordEncoder;
	27
	28	private final AuthenticationSuccessHandler authenticationSuccessHandler;
	29
[8bcd64c]	30	private final AuthenticationFailureHandler authenticationFailureHandler;
[cf9cdbf]	31
	32	@Bean
[401a211]	33	public AuthenticationManager customAuthenticationManager() throws Exception {
	34	return authenticationManager();
	35	}
	36
	37	@Override
	38	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	39	auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
	40	}
	41
	42	@Override
	43	protected void configure(HttpSecurity http) throws Exception {
	44	http.csrf()
[cf9cdbf]	45	.disable()
[a436340]	46	.httpBasic()
	47	.authenticationEntryPoint(new AppAuthenticationEntryPoint())
	48	.and()
[8bcd64c]	49	.addFilterAfter(new AppFilter(userDetailsService), BasicAuthenticationFilter.class)
[a436340]	50	.formLogin()
	51	.loginPage("/login")
	52	.loginProcessingUrl("/login")
	53	.successHandler(authenticationSuccessHandler)
[8bcd64c]	54	.failureHandler(authenticationFailureHandler)
[a436340]	55	.defaultSuccessUrl("/homepage")
	56	.and()
[401a211]	57	.authorizeRequests()
[763289e]	58	.antMatchers("/login").permitAll()
[204464d]	59	.antMatchers("/register_customer").permitAll()
	60	.antMatchers("/register_business").permitAll()
[a436340]	61	.antMatchers("/api/nomenclatures/*").permitAll()
[46fd0c7]	62	.antMatchers("/api/business").permitAll()
[763289e]	63	.antMatchers("/homepage").permitAll()
[401a211]	64	.antMatchers("/css/**").permitAll()
[044bd76]	65	.antMatchers("/js/**").permitAll()
[401a211]	66	.antMatchers("/anonymous*").anonymous()
	67	.anyRequest()
[a436340]	68	.fullyAuthenticated();
[cf9cdbf]	69	}
	70	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: