Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- ...
- http.authorizeRequests()
- .requestMatchers(getMatcherForAuthority1Urls())
- .hasAuthority("AUTHORITY1")
- .and().authorizeRequests()
- .requestMatchers(getMatcherForAuthority2Urls())
- .hasAuthority("AUTHORITY1")
- .and().authorizeRequests()
- .requestMatchers(getMatcherForAuthorities1and2Urls())
- .hasAnyAuthority("AUTHORITY1", "AUTHORITY1");
- http.authorizeRequests()
- .regexMatchers(REGEX_PATTERN_URLS_THAT_NEED_AUTHORISATION).authenticated()
- .accessDecisionManager(myAccessDecisionManager());
- http.authorizeRequests()
- .antMatchers(LOGIN_URL).permitAll();
- }
- @Bean
- public AccessDecisionManager myAccessDecisionManager() {
- List<AccessDecisionVoter<? extends Object>> decisionVoters
- = Arrays.asList(
- new WebExpressionVoter(), // votes for authorities
- myAccessVoter); // my custom voter
- return new UnanimousBased(decisionVoters);
- }
- http.authorizeRequests().anyRequest().authenticated();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement