Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Component
- public class CustomAuthenticationProviderImpl implements UnalAuthenticationProvider {
- @Autowired
- private CustomUserDetailService customUserDetailService;
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- String username = authentication.getName();
- String password = (String) authentication.getCredentials();
- UserDetails user = null;
- try{
- user = (UserDetails) customUserDetailService.loadUserByUsername(username);
- }
- catch(UsernameNotFoundException ex){
- System.out.println("User name not found");
- throw ex;
- }
- if (user == null) {
- throw new BadCredentialsException("Username not found.");
- }
- if (!password.equals(user.getPassword())) {
- throw new BadCredentialsException("Wrong password.");
- }
- Collection<? extends GrantedAuthority> authorities = user.getAuthorities();
- return new UsernamePasswordAuthenticationToken(user, password, authorities);
- }
- public boolean supports(Class<?> arg0) {
- return true;
- }
- }
- <global-method-security pre-post-annotations="enabled" />
- <http auto-config="true">
- <intercept-url pattern="/resources/**" access="permitAll" />
- <intercept-url pattern="/login" access="permitAll" />
- <intercept-url pattern="/access-denied" access="permitAll" />
- <intercept-url pattern="/admin**" access="hasRole('ADMIN')" />
- <intercept-url pattern="/**" access="hasRole('USER')" />
- <form-login login-page="/login" default-target-url="/main" always-use-default-target="true"/>
- <logout logout-url="/logout" logout-success-url="/"/>
- <headers>
- <frame-options policy="SAMEORIGIN"/>
- </headers>
- <session-management>
- <concurrency-control expired-url="/login" />
- </session-management>
- </http>
- <authentication-manager alias="authenticationManager">
- <authentication-provider ref="customAuthenticationProviderImpl" />
- </authentication-manager>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement