API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 5th, 2017
106
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.17 KB | None | 0 0
raw download clone embed print report
  1. //Serwis logowania angular4
  2. login(f: any): Observable<any> {
  3. // w f przechowujemy dane z formularza - login i hasło (przy czym trzeba by je zaszyfrowac)
  4. let userName = f.userName;
  5. let password = f.password;
  6. let body = `username=${userName}&password=${password}`;
  7. let headers = new Headers({ 'Content-Type': 'application/x-www-form-urlencoded' });
  8. let options = new RequestOptions({ headers: headers })
  9.  
  10. //istotny jest adres żadania j_spring_security_check
  11.  
  12. return this.http.post('/j_spring_security_check', body, options).map(response => {
  13.  
  14. // tu jakies bzdurki na dalsze potrzeby weryfikacji uprawnień)
  15. let resp = response.json()
  16. let user = new User()
  17. user.userName = resp.login
  18. user.roles = resp.authorities.map(role => role.authority)
  19. this.currentUser = user
  20.  
  21. return user
  22.  
  23. });
  24. }
  25.  
  26.  
  27. package upwm.fun.myshop.user;
  28.  
  29. import org.springframework.beans.factory.annotation.Autowired;
  30. import org.springframework.context.annotation.Configuration;
  31. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  32. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  33. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  34. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  35.  
  36. @Configuration
  37. @EnableWebSecurity
  38. public class SecurityConfig extends WebSecurityConfigurerAdapter {
  39.  
  40. @Autowired
  41. MyDBAuthenticationService myDBAauthenticationService;
  42.  
  43. @Autowired
  44. public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
  45. //userzy na mockach
  46. auth.inMemoryAuthentication().withUser("mkyong").password("123456").roles("USER");
  47. auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN", "USER");
  48. auth.inMemoryAuthentication().withUser("dba").password("123456").roles("DBA");
  49. //userzy z bazy danych
  50. auth.userDetailsService(myDBAauthenticationService);
  51. }
  52.  
  53. @Override
  54. protected void configure(HttpSecurity http) throws Exception {
  55.  
  56. // For ADMIN only.
  57. // http.authorizeRequests().antMatchers("/basket").access("hasRole('ROLE_ADMIN')");
  58.  
  59.  
  60. http
  61. .csrf().disable()
  62. .cors().and()
  63. .authorizeRequests()
  64. .antMatchers("/api/someEndpoint/**")
  65. .hasRole("ADMIN_ROLE").and().formLogin()
  66. .loginPage("/login").and().logout();
  67.  
  68. http.authorizeRequests().and().formLogin()//
  69. // Submit URL of login page.
  70. .loginProcessingUrl("/j_spring_security_check") // Submit URL
  71. .loginPage("/login")//
  72. .defaultSuccessUrl("/login")//
  73. .failureUrl("/login")//
  74. .usernameParameter("username")//
  75. .passwordParameter("password")
  76. // Config for Logout Page
  77. .and().logout().logoutUrl("/logout").logoutSuccessUrl("/loggedOut");
  78. }
  79.  
  80.  
  81.  
  82. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!