[cf9cdbf] | 1 | package edu.gjoko.schedlr.config;
|
---|
| 2 |
|
---|
| 3 | import org.springframework.context.annotation.Bean;
|
---|
| 4 | import org.springframework.context.annotation.Configuration;
|
---|
| 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
---|
| 6 | import org.springframework.security.config.core.GrantedAuthorityDefaults;
|
---|
| 7 | import org.springframework.security.core.userdetails.User;
|
---|
| 8 | import org.springframework.security.core.userdetails.UserDetailsService;
|
---|
| 9 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
---|
| 10 | import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
---|
| 11 | import org.springframework.security.provisioning.UserDetailsManager;
|
---|
| 12 | import org.springframework.security.web.SecurityFilterChain;
|
---|
| 13 | import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
---|
| 14 |
|
---|
| 15 | @Configuration
|
---|
| 16 | public class AppSecurityConfig {
|
---|
| 17 |
|
---|
| 18 | @Bean
|
---|
| 19 | public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
---|
| 20 | http
|
---|
| 21 | .csrf()
|
---|
| 22 | .disable()
|
---|
| 23 | .authorizeRequests(urlRegistry -> urlRegistry
|
---|
| 24 | .antMatchers("/login*").permitAll()
|
---|
| 25 | .antMatchers("/css/**").permitAll()
|
---|
| 26 | .antMatchers("/anonymous*").permitAll()
|
---|
| 27 | .anyRequest()
|
---|
| 28 | .fullyAuthenticated()
|
---|
| 29 | )
|
---|
| 30 | .httpBasic()
|
---|
| 31 | .authenticationEntryPoint(new AppAuthenticationEntryPoint())
|
---|
| 32 | .and()
|
---|
| 33 | .addFilterBefore(new AppFilter(), BasicAuthenticationFilter.class)
|
---|
| 34 | .formLogin()
|
---|
| 35 | .loginPage("/login")
|
---|
| 36 | .loginProcessingUrl("/login")
|
---|
| 37 | .successHandler(new AppAuthenticationSuccessHandler());
|
---|
| 38 |
|
---|
| 39 | return http.build();
|
---|
| 40 | }
|
---|
| 41 |
|
---|
| 42 | @Bean
|
---|
| 43 | public UserDetailsManager userDetailsService() {
|
---|
| 44 | return null;
|
---|
| 45 | }
|
---|
| 46 |
|
---|
| 47 | @Bean
|
---|
| 48 | public BCryptPasswordEncoder bCryptPasswordEncoder() {
|
---|
| 49 | return new BCryptPasswordEncoder();
|
---|
| 50 | }
|
---|
| 51 |
|
---|
| 52 | @Bean
|
---|
| 53 | public GrantedAuthorityDefaults grantedAuthorityDefaults() {
|
---|
| 54 | return new GrantedAuthorityDefaults("");
|
---|
| 55 | }
|
---|
| 56 |
|
---|
| 57 | }
|
---|