Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- private UserDetailsService userDetailsService;
- private BCryptPasswordEncoder bCryptPasswordEncoder;
- public SecurityConf(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
- this.userDetailsService = userDetailsService;
- this.bCryptPasswordEncoder = bCryptPasswordEncoder;
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- // TODO Auto-generated method stub
- http.cors()
- .and().csrf().disable()
- .authorizeRequests()
- .antMatchers(HttpMethod.POST,URLMapping.REGISTRATION).permitAll()
- .anyRequest().authenticated()
- .and().addFilter(new JwtAuthenticationFilter(authenticationManager()))
- .addFilter(new JwtAuthorizationFilter(authenticationManager()))
- // this disables session creation on Spring Security
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
- @Override
- public void configure(WebSecurity web) throws Exception {
- web.ignoring().antMatchers("/v2/api-docs/**");
- web.ignoring().antMatchers("/swagger.json");
- web.ignoring().antMatchers("/swagger-ui.html");
- web.ignoring().antMatchers("/webjars/**");
- web.ignoring().antMatchers("/swagger-resources/**");
- web.ignoring().antMatchers(URLMapping.REGISTRATION);
- web.ignoring().antMatchers(URLMapping.VERIFICATION);
- }
- @Override
- public void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
- }
- @Bean
- CorsConfigurationSource corsConfigurationSource() {
- final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
- return source;
- }
Add Comment
Please, Sign In to add comment