aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/configuration/SecurityConfig.java
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2018-12-20 09:41:32 +0300
committerGravatar Vitaly Takmazov2019-01-16 16:39:21 +0300
commit809ef60e18bb8ab7c95db93b7777f3c0ffb30872 (patch)
treee3d1529ff1c1a2026118a2b856c6366b6b6ea2ef /src/main/java/com/juick/server/configuration/SecurityConfig.java
parent1aea2345966f5026d064a44baaa82bb2d958eb8f (diff)
HTTPSignatureAuthenticationFilter
Diffstat (limited to 'src/main/java/com/juick/server/configuration/SecurityConfig.java')
-rw-r--r--src/main/java/com/juick/server/configuration/SecurityConfig.java5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 7145e9d5..d2d3ab13 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -17,7 +17,9 @@
package com.juick.server.configuration;
+import com.juick.server.SignatureManager;
import com.juick.service.UserService;
+import com.juick.service.security.HTTPSignatureAuthenticationFilter;
import com.juick.service.security.HashParamAuthenticationFilter;
import com.juick.service.security.JuickUserDetailsService;
import com.juick.service.security.deprecated.RequestParamHashRememberMeServices;
@@ -93,6 +95,8 @@ public class SecurityConfig {
private String webDomain;
@Resource
private UserService userService;
+ @Resource
+ private SignatureManager signatureManager;
ApiConfig() {
super(true);
}
@@ -109,6 +113,7 @@ public class SecurityConfig {
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/api/**")
.addFilterBefore(apiAuthenticationFilter(), BasicAuthenticationFilter.class)
+ .addFilterBefore(new HTTPSignatureAuthenticationFilter(signatureManager, userService), BasicAuthenticationFilter.class)
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",