aboutsummaryrefslogtreecommitdiff
path: root/src/main
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2022-12-15 17:27:13 +0300
committerGravatar Vitaly Takmazov2022-12-15 17:27:13 +0300
commit5933eac025502978a4c0e3546ed9504408e6969c (patch)
tree8503f89b95e261e09b7349459c2cfa4e3e4cb37b /src/main
parente13c2e7e970fdfb30186edbb58d2982551f1607f (diff)
Cleanup Security config
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/com/juick/config/SecurityConfig.java21
1 files changed, 18 insertions, 3 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index b531e62f..dce44b5e 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -26,10 +26,10 @@ import com.juick.service.security.entities.JuickUser;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.AuthenticationEntryPoint;
@@ -67,7 +67,7 @@ public class SecurityConfig {
}
@Bean
- static CorsConfigurationSource corsConfigurationSource() {
+ CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Collections.singletonList("*"));
@@ -120,7 +120,6 @@ public class SecurityConfig {
}
@Bean
- @Order(1)
SecurityFilterChain apiChain(HttpSecurity http) throws Exception {
http.securityMatcher("/api/**")
.addFilterBefore(apiAuthenticationFilter(), BasicAuthenticationFilter.class)
@@ -162,6 +161,22 @@ public class SecurityConfig {
}
@Bean
+ SecurityFilterChain h2ConsoFilterChain(HttpSecurity http) throws Exception {
+ http.securityMatcher("/h2-console/**")
+ .authorizeHttpRequests(auth -> auth
+ .anyRequest().permitAll())
+ .anonymous(anonymous -> anonymous.principal(JuickUser.ANONYMOUS_USER)
+ .authorities(JuickUser.ANONYMOUS_AUTHORITY))
+ .csrf().disable()
+ .sessionManagement(sessionManagement -> sessionManagement
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .exceptionHandling(exceptionHandling -> exceptionHandling
+ .authenticationEntryPoint(juickAuthenticationEntryPoint()))
+ .headers().defaultsDisabled().cacheControl();
+ return http.build();
+ }
+
+ @Bean
SecurityFilterChain wwwChain(HttpSecurity http) throws Exception {
http.addFilterBefore(wwwAuthenticationFilter(), BasicAuthenticationFilter.class)
.authorizeHttpRequests(authorize -> authorize