Changeset 401a211 for src/main/java/edu/gjoko/schedlr/config
- Timestamp:
- 10/17/22 00:30:31 (2 years ago)
- Branches:
- master
- Children:
- 204464d
- Parents:
- cf9cdbf
- Location:
- src/main/java/edu/gjoko/schedlr/config
- Files:
-
- 1 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/edu/gjoko/schedlr/config/AppFilter.java
rcf9cdbf r401a211 25 25 if(session != null) { 26 26 Map<String, String> roleTargetUrlMap = new HashMap<>(); 27 roleTargetUrlMap.put("DATE", "/date"); 28 roleTargetUrlMap.put("GUESS_NUMBER", "/number"); 27 roleTargetUrlMap.put("ADMIN", "/date"); 28 roleTargetUrlMap.put("CUSTOMER", "/number"); 29 roleTargetUrlMap.put("BUSINESS_OWNER", ""); 29 30 SecurityContextImpl sci = (SecurityContextImpl) session.getAttribute("SPRING_SECURITY_CONTEXT"); 30 31 if(sci != null) { -
src/main/java/edu/gjoko/schedlr/config/AppSecurityConfig.java
rcf9cdbf r401a211 1 1 package edu.gjoko.schedlr.config; 2 2 3 import edu.gjoko.schedlr.services.PostgresUserDetailsService; 3 4 import org.springframework.context.annotation.Bean; 4 5 import org.springframework.context.annotation.Configuration; 6 import org.springframework.security.authentication.AuthenticationManager; 7 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 5 8 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 9 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 10 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 6 11 import org.springframework.security.config.core.GrantedAuthorityDefaults; 7 import org.springframework.security.core.userdetails.User;8 import org.springframework.security.core.userdetails.UserDetailsService;9 12 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 10 import org.springframework.security.provisioning.InMemoryUserDetailsManager; 11 import org.springframework.security.provisioning.UserDetailsManager; 12 import org.springframework.security.web.SecurityFilterChain; 13 import org.springframework.security.web.authentication.AuthenticationSuccessHandler; 13 14 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; 14 15 15 16 @Configuration 16 public class AppSecurityConfig { 17 @EnableWebSecurity 18 public class AppSecurityConfig extends WebSecurityConfigurerAdapter { 19 20 private final PostgresUserDetailsService userDetailsService; 21 22 private final BCryptPasswordEncoder passwordEncoder; 23 24 private final AuthenticationSuccessHandler authenticationSuccessHandler; 25 26 public AppSecurityConfig(PostgresUserDetailsService userDetailsService, BCryptPasswordEncoder passwordEncoder, 27 AuthenticationSuccessHandler authenticationSuccessHandler) { 28 this.userDetailsService = userDetailsService; 29 this.passwordEncoder = passwordEncoder; 30 this.authenticationSuccessHandler = authenticationSuccessHandler; 31 } 17 32 18 33 @Bean 19 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { 20 http 21 .csrf() 34 public AuthenticationManager customAuthenticationManager() throws Exception { 35 return authenticationManager(); 36 } 37 38 @Override 39 protected void configure(AuthenticationManagerBuilder auth) throws Exception { 40 auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder); 41 } 42 43 @Override 44 protected void configure(HttpSecurity http) throws Exception { 45 http.csrf() 22 46 .disable() 23 .authorizeRequests( urlRegistry -> urlRegistry24 25 26 .antMatchers("/anonymous*").permitAll()27 28 29 )47 .authorizeRequests() 48 .antMatchers("/login*").permitAll() 49 .antMatchers("/css/**").permitAll() 50 .antMatchers("/anonymous*").anonymous() 51 .anyRequest() 52 .fullyAuthenticated() 53 .and() 30 54 .httpBasic() 31 55 .authenticationEntryPoint(new AppAuthenticationEntryPoint()) … … 35 59 .loginPage("/login") 36 60 .loginProcessingUrl("/login") 37 .successHandler(new AppAuthenticationSuccessHandler()); 38 39 return http.build(); 61 .successHandler(authenticationSuccessHandler); 40 62 } 41 42 @Bean43 public UserDetailsManager userDetailsService() {44 return null;45 }46 47 @Bean48 public BCryptPasswordEncoder bCryptPasswordEncoder() {49 return new BCryptPasswordEncoder();50 }51 52 @Bean53 public GrantedAuthorityDefaults grantedAuthorityDefaults() {54 return new GrantedAuthorityDefaults("");55 }56 57 63 }
Note:
See TracChangeset
for help on using the changeset viewer.