diff options
author | Alexander Alexeev | 2016-11-26 04:24:14 +0700 |
---|---|---|
committer | Alexander Alexeev | 2016-11-26 04:24:14 +0700 |
commit | 3c037e00d89a4ad5d0df57b3216857237ab81886 (patch) | |
tree | fc29f7e6eea5247564f3e32f6c93878e6015bcfd /juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java | |
parent | 46a040d6ff07e2581ae461ac60d2abc736cc7c6d (diff) |
api configuration
Diffstat (limited to 'juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java')
-rw-r--r-- | juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java | 40 |
1 files changed, 16 insertions, 24 deletions
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java index c0043950..8d074f7c 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -19,27 +19,37 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import javax.annotation.Resource; import javax.inject.Inject; /** * Created by aalexeev on 11/21/16. */ @Configuration -@EnableWebSecurity +@EnableWebSecurity(debug = true) @PropertySource("classpath:juick.conf") public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { - @Resource + @Inject private Environment env; - @Resource + @Inject private UserService userService; - protected ApiSecurityConfig() { + ApiSecurityConfig() { super(true); } + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests() + .antMatchers("/home").hasRole("USER") + .antMatchers(HttpMethod.OPTIONS).permitAll() + .and().httpBasic().authenticationEntryPoint(getBasicAuthEntryPoint()) + .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and().exceptionHandling().authenticationEntryPoint(getBasicAuthEntryPoint()) + .and().authenticationProvider(new JuickAuthenticationProvider()); + } + @Bean - public JuickAuthenticationEntryPoint getBasicAuthEntryPoint(){ + public JuickAuthenticationEntryPoint getBasicAuthEntryPoint() { return new JuickAuthenticationEntryPoint(); } @@ -58,22 +68,4 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { throw new UsernameNotFoundException("The username " + username + " is not found"); }; } - - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .antMatchers("/home").hasRole("USER") - .and().httpBasic().authenticationEntryPoint(new JuickAuthenticationEntryPoint()) - .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); - } - - @Inject - public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { - auth.authenticationProvider(new JuickAuthenticationProvider()); - } - @Override - public void configure(WebSecurity web) throws Exception { - web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); - } } |