Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Configuration
- @EnableWebSecurity
- public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
- @Configuration
- @Order(1)
- public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
- public App1ConfigurationAdapter() {
- super();
- }
- @Autowired
- private BCryptPasswordEncoder bCryptPasswordEncoder;
- @Autowired
- private DataSource dataSource;
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth. //
- jdbcAuthentication() //
- .dataSource(dataSource) //
- .usersByUsernameQuery("select email, senha, true from Administrador as users where users.email=?")
- .authoritiesByUsernameQuery("select email, 'ADMINISTRADOR' as role from Administrador as authorities where authorities.email=?" )
- .passwordEncoder(bCryptPasswordEncoder);
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests() //
- .antMatchers("/").permitAll() //
- .authenticated().and().csrf().disable().formLogin() //
- .loginPage("/loginAdmin").failureUrl("/loginAdmin?error=true") //
- .defaultSuccessUrl("/") //
- .usernameParameter("email") //
- .passwordParameter("senha") //
- .and().logout() //
- .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) //
- .logoutSuccessUrl("/").and().exceptionHandling() //
- .accessDeniedPage("/access-denied");
- http.headers().referrerPolicy(ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN);
- http.headers().contentSecurityPolicy("default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: "
- + "*.googleapis.com *.gstatic.com *.google.com *.twitter.com *.facebook.com *.facebook.net "
- + "*.youtube.com http://maps.googleapis.com "
- + "https://maxcdn.bootstrapcdn.com/ https://cdn.datatables.net/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com/; "
- + "report-uri https://dedicatories.report-uri.com/r/d/csp/reportOnly").reportOnly(); // Endereço de Report do report-uri.io
- }
- }
- @Configuration
- @Order(2)
- public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
- public App2ConfigurationAdapter() {
- super();
- }
- @Autowired
- private BCryptPasswordEncoder bCryptPasswordEncoder;
- @Autowired
- private DataSource dataSource;
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth. //
- jdbcAuthentication() //
- .dataSource(dataSource) //
- .usersByUsernameQuery("select email, senha, ativo from Usuario as users where users.email=?")
- .authoritiesByUsernameQuery("select email, 'REGISTRADO' as role from Usuario as authorities where authorities.email=?" )
- .passwordEncoder(bCryptPasswordEncoder);
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests() //
- .antMatchers("/").permitAll() //
- .authenticated().and().csrf().disable().formLogin() //
- .loginPage("/login").failureUrl("/login?error=true") //
- .defaultSuccessUrl("/",true) //
- .usernameParameter("email") //
- .passwordParameter("senha") //
- .and().logout() //
- .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) //
- .logoutSuccessUrl("/").and().exceptionHandling() //
- .accessDeniedPage("/access-denied");
- http.headers().referrerPolicy(ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN);
- http.headers().contentSecurityPolicy("default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: "
- + "*.googleapis.com *.gstatic.com *.google.com *.twitter.com *.facebook.com *.facebook.net "
- + "*.youtube.com http://maps.googleapis.com "
- + "https://maxcdn.bootstrapcdn.com/ https://cdn.datatables.net/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com/; "
- + "report-uri https://dedicatories.report-uri.com/r/d/csp/reportOnly").reportOnly(); // Endereço de Report do report-uri.io
- }
- }
- @Override
- public void configure(WebSecurity web) throws Exception {
- web //
- .ignoring() //
- .antMatchers("/resources/**", "/static/**", "/fonts/**", "/css/**", "/js/**",
- "/images/**", "/files/**", "/webjars/**");
- }
- }
Add Comment
Please, Sign In to add comment