Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Service("userService")
- @Transactional(propagation = Propagation.REQUIRES_NEW )
- public class UserServiceImpl implements UserService, UserDetailsService{
- @Autowired
- private UserDAO userDao;
- @Override
- public boolean registerUser(User user) {
- User userWithTheSameLogin = userDao.getUserByLogin(user.getUserLogin());
- if(!Objects.isNull(userWithTheSameLogin)){
- //if user with the same login registered already
- return false;
- }else{
- User userWithTheSamePassword = userDao.getUserByEmail(user.getUserEmail());
- if(!Objects.isNull(userWithTheSamePassword)){
- //if user with the same email registered already
- return false;
- }
- else{
- //if user's credentials are unique
- userDao.create(user);
- return true;
- }
- }
- }
- @Override
- @Transactional(readOnly = true)
- public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
- // TODO Auto-generated method stub
- User user = userDao.getUserByLogin(userName);
- if(user!=null){
- boolean enabled = user.getUserStatus().equals(UserStatus.ACTIVE);
- boolean accountNonExpired = user.getUserStatus().equals(UserStatus.ACTIVE);
- boolean credentialsNonExpired = user.getUserStatus().equals(UserStatus.ACTIVE);
- boolean accountNonLocked = user.getUserStatus().equals(UserStatus.ACTIVE);
- Collection<GrantedAuthority> authorities = new ArrayList<>();
- authorities.add(new SimpleGrantedAuthority(user.getRole()));
- org.springframework.security.core.userdetails.User securityUser =
- new org.springframework.security.core.userdetails.User(
- user.getUserLogin(), user.getUserPassword(), enabled,
- accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
- return securityUser;
- }else{
- throw new UsernameNotFoundException("Invalid user login");
- }
- }
- }
- @Configuration
- @EnableWebSecurity
- @ComponentScan("org.dream.university.service")
- public class AppSecurityConfig{
- @Configuration
- @Order(1)
- public class AdminSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
- @Override
- public void configure(WebSecurity web){
- web
- .ignoring()
- .antMatchers(new String[]{"/resources/**"});
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .antMatchers("/about","search*","/registration*","/login*","/bulbular*").permitAll()
- .antMatchers("/admin").hasRole("ADMIN")
- .anyRequest().authenticated()
- .and()
- .formLogin()
- .loginPage("/login")
- .permitAll()
- .defaultSuccessUrl("/students.html", true)
- .failureUrl("/login?error")
- .usernameParameter("username")
- .passwordParameter("password")
- .loginProcessingUrl("/j_spring_security_check")
- .and()
- .logout()
- .logoutUrl("/logout")
- .logoutSuccessUrl("/login")
- .and()
- .csrf()
- .disable();
- }
- @Bean(name = "authenticationManager")
- @Autowired
- public ProviderManager getProviderManager(DaoAuthenticationProvider daoAuthenticationProvider){
- List<AuthenticationProvider> providers = new ArrayList<>();
- providers.add(daoAuthenticationProvider);
- ProviderManager providerManager = new ProviderManager(providers);
- return providerManager;
- }
- @Bean
- @Autowired
- public DaoAuthenticationProvider daoAuthenticationProvider(UserDetailsService userDetailsService){
- DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
- provider.setUserDetailsService(userDetailsService);
- return provider;
- }
- }
- }
- @Override
- @Transactional(readOnly = true)
- public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
- // TODO Auto-generated method stub
- User user = userDao.getUserByLogin(userName);
- if(user.getRole().equals("ADMIN")||user==null)
- throw new UsernameNotFoundException("Invalid user login");
- }else return user;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement