Untitled

a guest
Apr 30th, 2018
  /**
   * JPA entity for one application account, mapped to the {@code USERS} table.
   *
   * <p>The columns of this entity are what {@code WebSecurityConfig} reads through its
   * {@code usersByUsernameQuery} ({@code username}, {@code password}, {@code enabled}) and
   * {@code authoritiesByUsernameQuery} ({@code user_roles.roles}).
   */
  @Entity
  @Table(name = "USERS")
  public class User {

      /** Login name; also the primary key. */
      @Id
      @NotBlank
      private String username;

      // Credential value compared through a PasswordEncoder at login.
      // NOTE(review): presumably this must already be the encoded hash when it is set;
      // the encoding step is not visible in this class -- confirm in UserService.
      @NotBlank
      private String password;

      // Role names, loaded eagerly together with the user. The authorities query in
      // WebSecurityConfig reads them from user_roles.roles.
      @ElementCollection(fetch = FetchType.EAGER)
      private Set<String> roles;

      // Third column of the login query; must not be null.
      @NotNull
      private Boolean enabled;

      /** No-argument constructor, as JPA requires for entities. */
      public User() {
      }

      /** @return the login name */
      public String getUsername() {
          return this.username;
      }

      /** @param username the login name to store */
      public void setUsername(String username) {
          this.username = username;
      }

      /**
       * @return the stored credential value; avoid writing it to logs or responses
       */
      public String getPassword() {
          return this.password;
      }

      /** @param password the credential value to store (see the field comment) */
      public void setPassword(String password) {
          this.password = password;
      }

      /** @return the role set held by this entity (the same instance, not a copy) */
      public Set<String> getRoles() {
          return this.roles;
      }

      /** @param roles the role set to store; kept by reference */
      public void setRoles(Set<String> roles) {
          this.roles = roles;
      }

      /** @return whether the account is enabled */
      public Boolean getEnabled() {
          return this.enabled;
      }

      /** @param enabled whether the account is enabled */
      public void setEnabled(Boolean enabled) {
          this.enabled = enabled;
      }
  }
  53.  
  /**
   * Spring Security configuration: URL access rules, form login/logout and JDBC-backed
   * authentication against the {@code users} / {@code user_roles} tables.
   */
  @Configuration
  @EnableWebSecurity
  public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

      // Both lookups bind the user name through a "?" placeholder, so the login name is
      // never concatenated into the SQL text.
      private static final String USERS_BY_USERNAME_SQL =
              "SELECT username, password, enabled " +
              "FROM users " +
              "WHERE username = ?";

      private static final String AUTHORITIES_BY_USERNAME_SQL =
              "SELECT x.username, y.roles " +
              "FROM users x, user_roles y " +
              "WHERE x.username = ? and y.user_username = x.username ";

      @Autowired
      private DataSource dataSource;

      @Autowired
      private PasswordEncoder passwordEncoder;

      /**
       * Publishes the {@link UserDetailsService} of this configuration as a bean so that
       * other components can inject it.
       */
      @Bean
      @Override
      public UserDetailsService userDetailsServiceBean() throws Exception {
          return super.userDetailsServiceBean();
      }

      /**
       * Declares which URLs need which authority and wires form login and logout.
       *
       * <p>Rule order matters: the first matching pattern wins, so the {@code /admin/**}
       * rule comes before the broader ones.
       *
       * @param http the HTTP security builder supplied by Spring Security
       * @throws RuntimeException wrapping any exception raised while building the rules
       */
      @Override
      protected void configure(HttpSecurity http) {
          try {
              // NOTE(review): CSRF protection is switched off although the application
              // authenticates browsers with a session and a login form. With it off,
              // state-changing requests (logout included) carry no anti-forgery token.
              // Prefer removing this call and having every form send the CSRF token;
              // left as-is here because the page templates are not visible.
              http.csrf().disable();

              http.authorizeRequests()
                      // Administrative area: requires the ADMIN role.
                      .antMatchers("/admin/**").hasRole("ADMIN")
                      // Public pages and static resources, including the signup page.
                      .antMatchers("/", "/index.jsf", "/signup.jsf", "/assets/**").permitAll()
                      .antMatchers("/javax.faces.resource/**").permitAll()
                      // Everything else needs a logged-in user.
                      .antMatchers("/ui/**").authenticated()
                      .anyRequest().authenticated();

              http.formLogin()
                      .loginPage("/login.jsf")
                      .permitAll()
                      .failureUrl("/login.jsf?error=true")
                      .defaultSuccessUrl("/index.jsf");

              http.logout()
                      .logoutSuccessUrl("/index.jsf");
          } catch (Exception ex) {
              throw new RuntimeException(ex);
          }
      }

      /**
       * Configures authentication against the database through the injected
       * {@link DataSource} and {@link PasswordEncoder}.
       *
       * @param auth the authentication manager builder supplied by Spring Security
       * @throws RuntimeException wrapping any exception raised during configuration
       */
      @Override
      protected void configure(AuthenticationManagerBuilder auth) {
          try {
              auth.jdbcAuthentication()
                      .dataSource(dataSource)
                      .usersByUsernameQuery(USERS_BY_USERNAME_SQL)
                      .authoritiesByUsernameQuery(AUTHORITIES_BY_USERNAME_SQL)
                      // With BCrypt the stored "password" value also carries the salt,
                      // so no separate salt column is read.
                      .passwordEncoder(passwordEncoder);
          } catch (Exception e) {
              throw new RuntimeException(e);
          }
      }
  }
  120.  
  121. @Named
  122.  
  // ---- Collaborators injected by Spring ----

  @Autowired
  private UserService userService;

  @Autowired
  private AuthenticationManager authenticationManager;

  @Autowired
  private UserDetailsService userDetailsService;

  // ---- State filled in through the setters below ----
  // NOTE(review): presumably bound to the signup form, i.e. request-supplied values.

  private String username;

  // Clear-text password as entered; keep it out of logs and error messages.
  private String password;

  // Requested admin flag; passed on to UserService.createUser by signUpUser().
  private boolean isAdmin;
  138.  
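  /**
   * Registers a new account from the bean's {@code username}/{@code password} and, on
   * success, logs the new user in.
   *
   * <p>Changes compared with the earlier version:
   * <ul>
   *   <li>The admin flag is honoured only when the caller already holds {@code ROLE_ADMIN}.
   *       The signup page is reachable without authentication, so an unchecked flag would
   *       let any visitor ask for an administrator account. (What {@code createUser} does
   *       with the flag is not visible here; presumably it grants the admin role.)</li>
   *   <li>The {@code Authentication} returned by the manager is what gets stored in the
   *       security context. The previous token was built with the three-argument
   *       constructor, which marks it authenticated before any check runs, and it kept
   *       the clear-text password as its credentials.</li>
   *   <li>A failed registration is logged instead of being dropped silently.</li>
   * </ul>
   *
   * @return the JSF outcome: the index page on success, the signup page with
   *         {@code error=true} otherwise
   */
  public String signUpUser() {
      // Never trust the form for privilege decisions.
      boolean grantAdmin = isAdmin && callerHasAdminRole();

      boolean registered = false;
      try {
          registered = userService.createUser(username, password, grantAdmin);
      } catch (Exception e) {
          // Still treated as "not registered", but leave a trace for operators. The
          // user-supplied name and password are deliberately not part of the message.
          java.util.logging.Logger.getLogger(getClass().getName())
                  .log(java.util.logging.Level.WARNING, "User registration failed", e);
      }

      if (!registered) {
          return "/signup.jsf?faces-redirect=true&error=true";
      }

      // Unauthenticated request token: the manager verifies the credentials and
      // returns the trusted result.
      UsernamePasswordAuthenticationToken request =
              new UsernamePasswordAuthenticationToken(username, password);
      org.springframework.security.core.Authentication result =
              authenticationManager.authenticate(request);

      if (result != null && result.isAuthenticated()) {
          SecurityContextHolder.getContext().setAuthentication(result);
      }

      return "/index.jsf?faces-redirect=true";
  }

  /** Reports whether the current caller is authenticated and holds {@code ROLE_ADMIN}. */
  private boolean callerHasAdminRole() {
      org.springframework.security.core.Authentication current =
              SecurityContextHolder.getContext().getAuthentication();
      if (current == null || !current.isAuthenticated()) {
          return false;
      }
      for (org.springframework.security.core.GrantedAuthority authority
              : current.getAuthorities()) {
          // hasRole("ADMIN") in the web configuration corresponds to this authority name.
          if ("ROLE_ADMIN".equals(authority.getAuthority())) {
              return true;
          }
      }
      return false;
  }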
  167.  
  /** @return the user name currently held by this bean */
  public String getUsername() {
      return this.username;
  }
  171.  
  /** @param username the user name to register; treat as untrusted input */
  public void setUsername(String username) {
      this.username = username;
  }
  175.  
  /** @return the password held by this bean, exactly as it was set */
  public String getPassword() {
      return this.password;
  }
  179.  
  /** @param password the password to register with; stored as given */
  public void setPassword(String password) {
      this.password = password;
  }
  183.  
  /** @return the admin flag currently held by this bean */
  public boolean isAdmin() {
      return this.isAdmin;
  }
  187.  
  /**
   * Stores the requested admin flag.
   *
   * <p>NOTE(review): presumably set from the signup form, so this value is a request
   * from the client, not an authorisation decision.
   *
   * @param admin the requested admin flag
   */
  public void setAdmin(boolean admin) {
      this.isAdmin = admin;
  }