config

1. package drustvo.security;
2.  
3. import org.springframework.beans.factory.annotation.Autowired;
4. import org.springframework.context.annotation.Bean;
5. import org.springframework.context.annotation.Configuration;
6. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
7. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
8. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
9. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
10. import org.springframework.security.core.userdetails.UserDetailsService;
11. import org.springframework.security.crypto.password.NoOpPasswordEncoder;
12. import org.springframework.security.crypto.password.PasswordEncoder;
13.  
14. @EnableWebSecurity
15. @Configuration
16. public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
17.  
18.     @Autowired
19.     UserDetailsService userDetailsService;
20.    
21.     @Override
22.     protected void configure(AuthenticationManagerBuilder auth) throws Exception{
23.         auth.userDetailsService(userDetailsService);
24.     }
25.    
26.     @Bean
27.     public PasswordEncoder getPasswordEncoder() {
28.         return NoOpPasswordEncoder.getInstance();
29.     }
30.    
31.     @Override
32.     protected void configure(HttpSecurity http) throws Exception{
33.         http.authorizeRequests()
34.             .antMatchers("/sekretar/**").hasRole("sekretar")
35.             .antMatchers("/clan/**").hasAnyRole("clan","sekretar")
36.             .antMatchers("/").permitAll()
37.             .and().formLogin()
38.             .and().csrf().disable();
39.  
40.     }
41. }