  /**
   * Spring Security setup with two nested form-login adapters: one authenticates against the
   * {@code Administrador} table, the other against the {@code Usuario} table. The outer adapter
   * only lists the static-resource paths that skip the security filter chain.
   *
   * <p>NOTE(review): neither nested adapter narrows its {@code HttpSecurity} with a request
   * matcher, so both chains claim every URL. Spring Security hands a request to the first
   * matching chain only, so as written the {@code @Order(1)} admin chain takes all traffic and
   * the {@code @Order(2)} chain is not consulted. Each adapter should be scoped to its own URL
   * space; the intended prefixes are not visible in this listing.
   */
  @Configuration
  @EnableWebSecurity
  public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    /**
     * Content-Security-Policy value sent by both adapters; the last directive is the
     * report-uri.io reporting endpoint.
     *
     * <p>NOTE(review): {@code default-src} carries {@code 'unsafe-inline'}, {@code 'unsafe-eval'}
     * and the bare scheme sources {@code http:}, {@code https:} and {@code data:}, which permit
     * content from practically any origin, so the host list after them adds no restriction. The
     * header is also sent in report-only mode, so browsers report violations but block nothing.
     * Treat this as a monitoring stage and tighten the sources before enforcing it.
     */
    private static final String CONTENT_SECURITY_POLICY =
        "default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: "
            + "*.googleapis.com *.gstatic.com *.google.com *.twitter.com *.facebook.com *.facebook.net "
            + "*.youtube.com http://maps.googleapis.com "
            + "https://maxcdn.bootstrapcdn.com/ https://cdn.datatables.net/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com/; "
            + "report-uri https://dedicatories.report-uri.com/r/d/csp/reportOnly";

    /** Adds the Referrer-Policy header and the report-only CSP header to a filter chain. */
    private static void applyResponseHeaders(HttpSecurity http) throws Exception {
      http.headers().referrerPolicy(ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN);
      http.headers().contentSecurityPolicy(CONTENT_SECURITY_POLICY).reportOnly();
    }

    /** Form login for administrators, served from {@code /loginAdmin}. */
    @Configuration
    @Order(1)
    public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {

      @Autowired
      private BCryptPasswordEncoder bCryptPasswordEncoder;

      @Autowired
      private DataSource dataSource;

      /**
       * Looks administrators up by e-mail over JDBC and verifies the stored hash with BCrypt.
       * Both queries bind the e-mail through the {@code ?} placeholder.
       *
       * <p>The users query returns the constant {@code true} as its third column, so every
       * {@code Administrador} row counts as enabled; an administrator cannot be disabled through
       * this query.
       */
      @Override
      protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
            .dataSource(dataSource)
            .usersByUsernameQuery(
                "select email, senha, true from Administrador as users where users.email=?")
            .authoritiesByUsernameQuery(
                "select email, 'ADMINISTRADOR' as role from Administrador as authorities where authorities.email=?")
            .passwordEncoder(bCryptPasswordEncoder);
      }

      /**
       * Declares URL rules, form login, logout and the access-denied page, then the response
       * headers.
       */
      @Override
      protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): as pasted, authenticated() follows permitAll() with no matcher in between.
        // The registry returned by permitAll() has no authenticated() method, so a matcher call
        // appears to have been lost from the listing; restore it from the original file.
        //
        // NOTE(review): CSRF protection is switched off although the session comes from a form
        // login, so state-changing requests carry no token check, and the logout matcher below
        // accepts any HTTP method. Re-enable CSRF and send the token from the templates unless
        // there is a documented reason not to.
        http.authorizeRequests()
            .antMatchers("/").permitAll()
            .authenticated()
            .and()
            .csrf().disable()
            .formLogin()
            .loginPage("/loginAdmin")
            .failureUrl("/loginAdmin?error=true")
            .defaultSuccessUrl("/")
            .usernameParameter("email")
            .passwordParameter("senha")
            .and()
            .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/")
            .and()
            .exceptionHandling()
            .accessDeniedPage("/access-denied");

        applyResponseHeaders(http);
      }
    }

    /** Form login for registered users, served from {@code /login}. */
    @Configuration
    @Order(2)
    public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {

      @Autowired
      private BCryptPasswordEncoder bCryptPasswordEncoder;

      @Autowired
      private DataSource dataSource;

      /**
       * Looks users up by e-mail over JDBC and verifies the stored hash with BCrypt. The
       * {@code ativo} column is the third column of the users query, which is the position the
       * JDBC user lookup reads as the enabled flag.
       */
      @Override
      protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
            .dataSource(dataSource)
            .usersByUsernameQuery(
                "select email, senha, ativo from Usuario as users where users.email=?")
            .authoritiesByUsernameQuery(
                "select email, 'REGISTRADO' as role from Usuario as authorities where authorities.email=?")
            .passwordEncoder(bCryptPasswordEncoder);
      }

      /**
       * Declares URL rules, form login, logout and the access-denied page, then the response
       * headers. Unlike the admin adapter, a successful login always lands on {@code /}.
       */
      @Override
      protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): the same two points as in the admin adapter apply here. A matcher is
        // missing between permitAll() and authenticated() in the pasted chain, and CSRF
        // protection is disabled for a session-based form login.
        http.authorizeRequests()
            .antMatchers("/").permitAll()
            .authenticated()
            .and()
            .csrf().disable()
            .formLogin()
            .loginPage("/login")
            .failureUrl("/login?error=true")
            .defaultSuccessUrl("/", true)
            .usernameParameter("email")
            .passwordParameter("senha")
            .and()
            .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/")
            .and()
            .exceptionHandling()
            .accessDeniedPage("/access-denied");

        applyResponseHeaders(http);
      }
    }

    /**
     * Excludes static-resource paths from the security filter chain. Requests to these paths get
     * neither authentication nor the security response headers.
     *
     * <p>NOTE(review): {@code /files/**} is on the list. If that path serves user uploads rather
     * than bundled assets, they are readable without a login; confirm what is stored there.
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
      web.ignoring()
          .antMatchers(
              "/resources/**",
              "/static/**",
              "/fonts/**",
              "/css/**",
              "/js/**",
              "/images/**",
              "/files/**",
              "/webjars/**");
    }
  }