private UserDetailsService userDetailsService; private BCryptPasswordEncoder

1. private UserDetailsService userDetailsService;
2. private BCryptPasswordEncoder bCryptPasswordEncoder;
3.  
4. public SecurityConf(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
5. this.userDetailsService = userDetailsService;
6. this.bCryptPasswordEncoder = bCryptPasswordEncoder;
7. }
8.  
9.  
10.  
11.  
12. @Override
13. protected void configure(HttpSecurity http) throws Exception {
14. // TODO Auto-generated method stub
15.  
16.  
17. http.cors()
18. .and().csrf().disable()
19. .authorizeRequests()
20. .antMatchers(HttpMethod.POST,URLMapping.REGISTRATION).permitAll()
21. .anyRequest().authenticated()
22. .and().addFilter(new JwtAuthenticationFilter(authenticationManager()))
23. .addFilter(new JwtAuthorizationFilter(authenticationManager()))
24. // this disables session creation on Spring Security
25. .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
26.  
27. @Override
28. public void configure(WebSecurity web) throws Exception {
29. web.ignoring().antMatchers("/v2/api-docs/**");
30. web.ignoring().antMatchers("/swagger.json");
31. web.ignoring().antMatchers("/swagger-ui.html");
32. web.ignoring().antMatchers("/webjars/**");
33. web.ignoring().antMatchers("/swagger-resources/**");
34.  
35.  
36.  
37. web.ignoring().antMatchers(URLMapping.REGISTRATION);
38.  
39.  
40. web.ignoring().antMatchers(URLMapping.VERIFICATION);
41.  
42.  
43. }
44.  
45. @Override
46. public void configure(AuthenticationManagerBuilder auth) throws Exception {
47. auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
48. }
49.  
50.  
51. @Bean
52. CorsConfigurationSource corsConfigurationSource() {
53. final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
54. source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
55. return source;
56. }