@Configuration@ComponentScan(value="com.spring.loja")@EnableWebSecuritypublic

1. @Configuration
2. @ComponentScan(value="com.spring.loja")
3. @EnableWebSecurity
4. public class SecurityConfig extends WebSecurityConfigurerAdapter {
5.  
6. @Autowired
7. private UserDetailsService userDetailsService;
8.  
9. @Autowired
10. private SocialUserDetailsService socialUserDetailsService;
11.  
12. @Autowired
13. private PasswordEncoder passwordEncoder;
14.  
15. @Override
16. public void configure(WebSecurity web) throws Exception {
17. DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
18. handler.setPermissionEvaluator(new CustomPermissionEvaluator());
19. web.expressionHandler(handler);
20. }
21.  
22. @Override
23. protected void configure(HttpSecurity http) throws Exception {
24. http
25. .csrf()
26. .disable()
27. .authorizeRequests()
28. .antMatchers("/resources/**", "/erro/**", "/categoria/**", "/produto/**", "/**").permitAll()
29. .anyRequest().authenticated()
30. .and()
31. .formLogin()
32. .loginPage("/entrar").permitAll()
33. .loginProcessingUrl("/login").permitAll()
34. .usernameParameter("login")
35. .passwordParameter("senha")
36. .defaultSuccessUrl("/admin")
37. .failureUrl("/entrar?erro=login").permitAll()
38. .and()
39. .exceptionHandling()
40. .accessDeniedPage("/erro/403")
41. .and()
42. .logout()
43. .logoutUrl("/logout")
44. .logoutSuccessUrl("/").permitAll()
45. .and()
46. .apply(new SpringSocialConfigurer());
47. }
48.  
49. @Override
50. protected void configure(AuthenticationManagerBuilder auth) throws Exception {
51. auth
52. .userDetailsService(userDetailsService)
53. .passwordEncoder(passwordEncoder);
54. }
55.  
56. @Bean
57. @Override
58. public AuthenticationManager authenticationManagerBean() throws Exception {
59. return super.authenticationManagerBean();
60. }
61.  
62. }