Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package com.example.letsdoeat.configurations;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.ComponentScan;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.http.HttpMethod;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.core.userdetails.User;
- import org.springframework.security.core.userdetails.UserDetails;
- import org.springframework.security.core.userdetails.UserDetailsService;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.security.provisioning.InMemoryUserDetailsManager;
- import org.springframework.security.web.AuthenticationEntryPoint;
- import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
- import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
- import javax.sql.DataSource;
- @ComponentScan
- @EnableWebSecurity
- public class WebSecurity extends WebSecurityConfigurerAdapter {
- private UserDetailsService userDetailsService;
- private PasswordEncoder passwordEncoder;
- private AuthenticationEntryPoint restAuthenticationEntryPoint;
- private MyAuthenticationSuccessHandler mySuccessHandler;
- @Autowired
- private DataSource dataSource;
- // //TODO
- @Bean
- public DaoAuthenticationProvider authenticationProvider() {
- DaoAuthenticationProvider auth = new DaoAuthenticationProvider();
- auth.setUserDetailsService(userDetailsService);
- auth.setPasswordEncoder(passwordEncoder);
- return auth;
- }
- //TODO - co to robi
- // @Override
- // protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- // auth.inMemoryAuthentication()
- // .withUser("user1").password(passwordEncoder.encode("user1Pass")).roles("USER")
- // .and()
- // .withUser("user2").password(passwordEncoder.encode("user2Pass")).roles("USER")
- // .and()
- // .withUser("admin").password(passwordEncoder.encode("adminPass")).roles("ADMIN");
- // }
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.cors().and().csrf().disable()
- .exceptionHandling()
- .authenticationEntryPoint(restAuthenticationEntryPoint)
- .and()
- .authorizeRequests()
- .anyRequest().permitAll()
- .and()
- .formLogin()
- .successHandler(mySuccessHandler)
- .and()
- .httpBasic()
- .and()
- .logout();
- // http.sessionManagement().maximumSessions(1).expiredUrl("/login?expired=true");//TODO
- }
- @Override
- protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService)
- .passwordEncoder(passwordEncoder)
- .and()
- .authenticationProvider(authenticationProvider())
- .jdbcAuthentication()
- .dataSource(dataSource);
- }
- @Bean
- @Override
- public UserDetailsService userDetailsService() {
- return new UserDetailsServiceImpl();
- }
- //TODO
- @Bean
- public AuthenticationManager customAuthenticationManager() throws Exception {
- return authenticationManager();
- }
- @Autowired
- public void setUserDetailsService(UserDetailsService userDetailsService){
- this.userDetailsService = userDetailsService;
- }
- @Autowired
- public void setPasswordEncoder(PasswordEncoder passwordEncoder){
- this.passwordEncoder = passwordEncoder;
- }
- @Autowired
- public void setRestAuthenticationEntryPoint(AuthenticationEntryPoint entryPoint){
- this.restAuthenticationEntryPoint = entryPoint;
- }
- @Autowired
- public void setMySuccessHandler(MyAuthenticationSuccessHandler mySuccessHandler){
- this.mySuccessHandler = mySuccessHandler;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement