Changeset 950fa0d for src/main/java/edu/gjoko/schedlr/config
- Timestamp:
- 05/24/23 23:18:47 (18 months ago)
- Branches:
- master
- Children:
- 77205be
- Parents:
- 8bcd64c
- Location:
- src/main/java/edu/gjoko/schedlr/config
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/edu/gjoko/schedlr/config/AppFilter.java
r8bcd64c r950fa0d 10 10 import org.springframework.web.filter.GenericFilterBean; 11 11 12 import javax.servlet.FilterChain; 13 import javax.servlet.ServletException; 14 import javax.servlet.ServletRequest; 15 import javax.servlet.ServletResponse; 12 import javax.servlet.*; 16 13 import javax.servlet.http.HttpServletRequest; 17 14 import javax.servlet.http.HttpServletResponse; … … 75 72 break; 76 73 } 77 if(page != null && !page.trim().isEmpty() ) {74 if(page != null && !page.trim().isEmpty() && !DispatcherType.ERROR.equals(servletRequest.getDispatcherType())) { 78 75 servletRequest.getRequestDispatcher(page).forward(servletRequest, servletResponse); 79 76 return; -
src/main/java/edu/gjoko/schedlr/config/AppSecurityConfig.java
r8bcd64c r950fa0d 10 10 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 11 11 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 12 import org.springframework.security.config.core.GrantedAuthorityDefaults;13 12 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 14 import org.springframework.security.web.access.AccessDeniedHandler;15 13 import org.springframework.security.web.authentication.AuthenticationFailureHandler; 16 14 import org.springframework.security.web.authentication.AuthenticationSuccessHandler; 15 import org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler; 16 import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; 17 17 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; 18 import org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter; 19 20 import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.*; 18 21 19 22 @Configuration … … 21 24 @AllArgsConstructor 22 25 public class AppSecurityConfig extends WebSecurityConfigurerAdapter { 26 27 private static final ClearSiteDataHeaderWriter.Directive[] SOURCE = 28 {CACHE, COOKIES, STORAGE, EXECUTION_CONTEXTS}; 23 29 24 30 private final PostgresUserDetailsService userDetailsService; … … 55 61 .defaultSuccessUrl("/homepage") 56 62 .and() 63 .logout(logout -> logout 64 .logoutUrl("/logout") 65 .logoutSuccessUrl("/login") 66 .addLogoutHandler(new SecurityContextLogoutHandler()) 67 .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE)))) 57 68 .authorizeRequests() 58 69 .antMatchers("/login").permitAll() 70 .antMatchers("/logout").permitAll() 59 71 .antMatchers("/register_customer").permitAll() 60 72 .antMatchers("/register_business").permitAll() 61 73 .antMatchers("/api/nomenclatures/*").permitAll() 74 .antMatchers("/api/user/me").permitAll() 62 75 .antMatchers("/api/business").permitAll() 76 .antMatchers("/api/appointment").permitAll() 63 77 .antMatchers("/homepage").permitAll() 64 78 .antMatchers("/css/**").permitAll()
Note:
See TracChangeset
for help on using the changeset viewer.