Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Component
- public class RESTAuthenticationEntryPoint implements AuthenticationEntryPoint {
- @Override
- public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e)
- throws IOException, ServletException {
- httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED,
- "Unauthorized");
- }
- }
- @Component
- public class RESTAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
- @Override
- public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
- throws IOException, ServletException {
- super.onAuthenticationFailure(request, response, exception);
- }
- }
- @Component
- public class RESTAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
- private RequestCache requestCache = new HttpSessionRequestCache();
- @Override
- public void onAuthenticationSuccess(
- HttpServletRequest request,
- HttpServletResponse response,
- Authentication authentication)
- throws ServletException, IOException {
- SavedRequest savedRequest
- = requestCache.getRequest(request, response);
- if (savedRequest == null) {
- clearAuthenticationAttributes(request);
- return;
- }
- String targetUrlParam = getTargetUrlParameter();
- if (isAlwaysUseDefaultTargetUrl()
- || (targetUrlParam != null
- && StringUtils.hasText(request.getParameter(targetUrlParam)))) {
- requestCache.removeRequest(request, response);
- clearAuthenticationAttributes(request);
- return;
- }
- clearAuthenticationAttributes(request);
- }
- public void setRequestCache(RequestCache requestCache) {
- this.requestCache = requestCache;
- }
- }
- @Configuration
- @EnableWebSecurity
- public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
- @Autowired
- private RESTAuthenticationEntryPoint restAuthenticationEntryPoint;
- @Autowired
- private RESTAuthenticationSuccessHandler restAuthenticationSuccessHandler;
- @Autowired
- private RESTAuthenticationFailureHandler restAuthenticationFailureHandler;
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication()
- .withUser("john").password("pass1").roles("USER").and()
- .withUser("lenny").password("pass2").roles("USER");
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .csrf().disable()
- .exceptionHandling()
- .authenticationEntryPoint(restAuthenticationEntryPoint)
- .and()
- .authorizeRequests()
- .antMatchers("/secure/**").authenticated()
- .and()
- .formLogin()
- .successHandler(restAuthenticationSuccessHandler)
- .failureHandler(restAuthenticationFailureHandler)
- .and()
- .logout();
- http.cors();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement