Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Configuration
- @EnableWebSecurity
- public class SecurityConfig extends WebSecurityConfigurerAdapter{
- @Override
- protected void configure(HttpSecurity http)throws Exception{
- http
- .authorizeRequests()
- .antMatchers("/").permitAll()
- .antMatchers("/admin/**").hasRole("USER")
- .and()
- .formLogin()
- .loginPage("/login")
- .and()
- .logout()
- .deleteCookies("JSESSIONID")
- .and()
- .rememberMe();
- }
- @Autowired
- private AuthenticationProvider authenticationProvider;
- @Autowired
- private UserDetailsService userDetailsService;
- @Autowired
- public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
- auth.authenticationProvider(authenticationProvider);
- auth.userDetailsService(userDetailsService);
- }
- public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer{}
- }
- @Service
- public class UserServiceImpl implements UserDetailsService {
- @Autowired
- UserRepository userRepository;
- @Autowired
- RoleRepository roleRepository;
- public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
- RentalWebsUser userInfo = userRepository.getUserByUsername(username);
- List<GrantedAuthority> authorities = roleRepository.getRolesByUsername(username);
- if(userInfo != null && !authorities.isEmpty()){
- User user = new User(userInfo.getUsername(), userInfo.getPassword(), true, true, true, true, authorities);
- RentalWebsUser userDetails = new RentalWebsUser(user, userInfo.getIdweb(), userInfo.getName(), userInfo.getSurname());
- return userDetails;
- } else throw new UsernameNotFoundException("Wrong user/password");
- }
- }
- @Component
- public class RwAuthenticationProvider implements AuthenticationProvider {
- RentalWebsUser userDetails;
- @Autowired
- UserDetailsService userService;
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- User user = null;
- Authentication auth = null;
- String username = authentication.getName();
- String password = authentication.getCredentials().toString();
- userDetails = (RentalWebsUser) userService.loadUserByUsername(username);
- if(userDetails != null){
- user = userDetails.getUser();
- } else throw new UsernameNotFoundException("Wrong user/password");
- if(password == null || !password.equals(user.getPassword())) throw new UsernameNotFoundException("Wrong user/password");
- if(user != null){
- auth = new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword(), user.getAuthorities());
- } else throw new UsernameNotFoundException("Wrong user/password");
- return auth;
- }
- public RentalWebsUser getUserDetails(){
- return userDetails;
- }
- @Override
- public boolean supports(Class<?> type) {
- return true;
- }
- }
- public class MvcWebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
- @Override
- protected Class<?>[] getRootConfigClasses() {
- return new Class[]{SecurityConfig.class};
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement