/**
 * Spring Security configuration: HTTP Basic authentication backed by
 * {@code UserSecurityService}, with a fixed list of URL patterns left open to
 * unauthenticated callers and every other request requiring authentication.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Ant-style patterns that are served without authentication.
    // NOTE(review): the "/book/" and "/user/" prefixes are open for every HTTP
    // method, not only reads; confirm that no account-management or write
    // endpoints live underneath them.
    private static final String[] PUBLIC_MATCHERS = {
        "/css/**",
        "/js/**",
        "/image/**",
        "/book/**",
        "/user/**",
    };

    @Autowired
    private Environment env;

    @Autowired
    private UserSecurityService userSecurityService;

    /** Returns the BCrypt encoder supplied by {@code SecurityUtility}. */
    private BCryptPasswordEncoder passwordEncoder() {
        return SecurityUtility.passwordEncoder();
    }

    /**
     * Builds the HTTP security rules: CSRF protection off, Spring Security's own
     * CORS support off, HTTP Basic enabled, {@link #PUBLIC_MATCHERS} open to all
     * and everything else restricted to authenticated users.
     *
     * @param http the builder provided by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): disabling CSRF is only safe when the browser never
        // attaches the session automatically (i.e. it travels in a request
        // header rather than a cookie) - confirm how clients carry the session.
        http
            .csrf().disable()
            .cors().disable()
            .httpBasic()
            .and()
            .authorizeRequests()
                .antMatchers(PUBLIC_MATCHERS).permitAll()
                .anyRequest().authenticated();
    }

    /**
     * Registers the application's user lookup service together with the
     * password encoder used when credentials are checked.
     *
     * @param auth the authentication builder provided by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .userDetailsService(userSecurityService)
            .passwordEncoder(passwordEncoder());
    }
}
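/**
 * Servlet filter, ordered ahead of every other filter, that adds CORS response
 * headers and answers OPTIONS requests itself instead of passing them down the
 * filter chain.
 */
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class RequestFilter implements Filter {

    // NOTE(review): the wildcard lets a page on any origin read the responses.
    // If the API is only meant for a known front end, replace it with an
    // allow-list check against the request's Origin header, echo the matched
    // origin and add "Vary: Origin".
    private static final String ALLOWED_ORIGIN = "*";

    /**
     * Adds the CORS headers, then either answers an OPTIONS request with
     * {@code 200 OK} or hands the request to the rest of the chain.
     *
     * @param req the incoming request; cast to {@code HttpServletRequest}
     * @param res the outgoing response; cast to {@code HttpServletResponse}
     * @param chain the remaining filters and the target servlet
     * @throws IllegalStateException if the chain fails with a checked exception
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Header names follow the Fetch/CORS specification. The previous
        // spellings ("...-Allow-Methodes", "...-Allow-Max-Age") are not
        // recognised by browsers, so the method list and cache lifetime were
        // silently ignored.
        response.setHeader("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
        response.setHeader("Access-Control-Allow-Methods", "POST,PUT,GET,OPTIONS,DELETE");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,x-auth-token");
        response.setHeader("Access-Control-Max-Age", "3600");
        // "Access-Control-Allow-Credentials: true" is deliberately not sent:
        // browsers refuse credentialed responses whose allowed origin is the
        // wildcard, so the pair never worked and only invites a later switch to
        // reflecting arbitrary origins with credentials enabled.

        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            // Every OPTIONS request is treated as a CORS preflight and answered
            // here; it never reaches the security filters or the controllers.
            System.out.println("preflight");
            response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers", "authorization,content-type,x-auth-token,access-control-request-headers,access-control-request-method,accept,origin,x-requested-with");
            response.setStatus(HttpServletResponse.SC_OK);
            return;
        }

        try {
            chain.doFilter(req, res);
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e) {
            // Swallowing the failure here would hide downstream errors behind an
            // empty success response, because this filter is the outermost one.
            // Declaring the Filter interface's checked exceptions on this method
            // is the alternative when their imports are available.
            throw new IllegalStateException("Request processing failed", e);
        }
    }

    /** No initialisation is needed. */
    @Override
    public void init(FilterConfig filterConfig) {
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }
}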
/**
 * Returns the caller's HTTP session id as a one-entry map under the key
 * {@code "token"}, after printing the peer's host, port and address to
 * standard output.
 *
 * NOTE(review): the returned session id acts as a bearer secret for the
 * session; it must only travel over TLS and should never be written to logs.
 * The mapping also accepts every HTTP method - confirm that is intended.
 *
 * @param session the current HTTP session
 * @param request the current request, used only for the peer details printed
 * @return an immutable map with the single entry {@code token -> session id}
 */
@RequestMapping("/token")
public Map<String, String> token(HttpSession session, HttpServletRequest request) {
    final String peer = request.getRemoteHost() + ":" + request.getRemotePort();
    System.out.println(peer);
    System.out.println(request.getRemoteAddr());

    final String sessionId = session.getId();
    return Collections.singletonMap("token", sessionId);
}
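/**
 * Sends a username/password pair to the backend's /token endpoint using
 * HTTP Basic authentication.
 */
@Injectable()
export class LoginService {
  constructor(private http: HttpClient) {
  }

  /**
   * Issues a GET to the token endpoint with an `Authorization: Basic ...` header.
   *
   * The credentials are encoded as UTF-8 before base64. Calling `btoa` on the
   * raw string throws for any character above U+00FF and sends Latin-1 bytes
   * for U+0080 to U+00FF, so non-ASCII usernames or passwords either failed on
   * the client or would not match on a server that decodes the header as UTF-8.
   * Pure-ASCII credentials produce exactly the same header as before.
   *
   * @param username account name; Basic authentication cannot carry a ':' in it
   * @param password account password
   * @returns whatever `HttpClient.get` returns for the request
   */
  sendCredential(username: string, password: string) {
    // NOTE(review): Basic credentials are only base64-encoded, not encrypted.
    // This plain-http localhost URL is a development value; a deployed build
    // needs an https endpoint taken from configuration.
    const url = "http://localhost:8080/token";

    const utf8Bytes = new TextEncoder().encode(username + ':' + password);
    let binary = '';
    utf8Bytes.forEach((byte) => {
      binary += String.fromCharCode(byte);
    });
    const basicHeader = "Basic " + btoa(binary);

    const headers = new HttpHeaders({
      'Content-Type': 'application/x-www-form-urlencoded',
      'Authorization': basicHeader
    });
    return this.http.get(url, { headers: headers });
  }
}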