API tools faq
paste
Advertisement
joaopaulofcc

Untitled

joaopaulofcc
Nov 16th, 2023
27
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.47 KB | None | 0 0
raw download clone embed print report
  1. package com.example.springjwt.auth;
  2.  
  3. import com.example.springjwt.services.CustomUserDetailsService;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.security.authentication.AuthenticationManager;
  7. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  8. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  9. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  10. import org.springframework.security.config.http.SessionCreationPolicy;
  11. import org.springframework.security.crypto.password.NoOpPasswordEncoder;
  12. import org.springframework.security.web.SecurityFilterChain;
  13. import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
  14.  
  15. @Configuration
  16. @EnableWebSecurity
  17. public class SecurityConfig {
  18.  
  19. private final CustomUserDetailsService userDetailsService;
  20. private final JwtAuthorizationFilter jwtAuthorizationFilter;
  21.  
  22. public SecurityConfig(CustomUserDetailsService customUserDetailsService, JwtAuthorizationFilter jwtAuthorizationFilter) {
  23. this.userDetailsService = customUserDetailsService;
  24. this.jwtAuthorizationFilter = jwtAuthorizationFilter;
  25.  
  26. }
  27. @Bean
  28. public AuthenticationManager authenticationManager(HttpSecurity http, NoOpPasswordEncoder noOpPasswordEncoder)
  29. throws Exception {
  30. AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
  31. authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(noOpPasswordEncoder);
  32. return authenticationManagerBuilder.build();
  33. }
  34.  
  35.  
  36. @Bean
  37. public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  38.  
  39. http.csrf().disable()
  40. .authorizeRequests()
  41. .requestMatchers("/rest/auth/**").permitAll()
  42. .anyRequest().authenticated()
  43. .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
  44. .and().addFilterBefore(jwtAuthorizationFilter,UsernamePasswordAuthenticationFilter.class);
  45.  
  46. return http.build();
  47. }
  48.  
  49.  
  50. @SuppressWarnings("deprecation")
  51. @Bean
  52. public NoOpPasswordEncoder passwordEncoder() {
  53. return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
  54. }
  55.  
  56. }
  57.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!