Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @SpringBootApplication
- public class Boot extends SpringBootServletInitializer {
- @Override
- protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
- return application.sources(Boot.class);
- }
- public static void main(String[] args) throws Exception {
- SpringApplication.run(Boot.class, args);
- }
- @Bean
- public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
- return new WebSecurityConfig();
- }
- }
- @Configuration
- @EnableWebSecurity
- public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
- @Autowired
- private UserDetailsService userDetailsService;
- @Bean
- public BCryptPasswordEncoder bCryptPasswordEncoder() {
- return new BCryptPasswordEncoder();
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests()
- // .antMatchers("/home").permitAll()
- // .antMatchers("/home/**").permitAll()
- // .antMatchers("/login").permitAll()
- .antMatchers("/user/**").permitAll()
- .antMatchers("/products/form").hasRole("ADMIN")
- .antMatchers("/shopping/**").permitAll()
- .antMatchers(HttpMethod.POST, "/products").hasRole("ADMIN")
- .antMatchers("/products/**").permitAll()
- .anyRequest().authenticated()
- .and().formLogin().loginPage("/login").defaultSuccessUrl("/home").permitAll()
- .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/home").permitAll()
- .and().exceptionHandling().accessDeniedPage("/WEB-INF/views/errors/403.jsp");
- }
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
- }
- }
Add Comment
Please, Sign In to add comment