diff options
author | Vitaly Takmazov | 2022-12-15 17:27:13 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2022-12-15 17:27:13 +0300 |
commit | 5933eac025502978a4c0e3546ed9504408e6969c (patch) | |
tree | 8503f89b95e261e09b7349459c2cfa4e3e4cb37b /src/main | |
parent | e13c2e7e970fdfb30186edbb58d2982551f1607f (diff) |
Cleanup Security config
Diffstat (limited to 'src/main')
-rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index b531e62f..dce44b5e 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -26,10 +26,10 @@ import com.juick.service.security.entities.JuickUser; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.core.annotation.Order; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.AuthenticationEntryPoint; @@ -67,7 +67,7 @@ public class SecurityConfig { } @Bean - static CorsConfigurationSource corsConfigurationSource() { + CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(Collections.singletonList("*")); @@ -120,7 +120,6 @@ public class SecurityConfig { } @Bean - @Order(1) SecurityFilterChain apiChain(HttpSecurity http) throws Exception { http.securityMatcher("/api/**") .addFilterBefore(apiAuthenticationFilter(), BasicAuthenticationFilter.class) @@ -162,6 +161,22 @@ public class SecurityConfig { } @Bean + SecurityFilterChain h2ConsoFilterChain(HttpSecurity http) throws Exception { + http.securityMatcher("/h2-console/**") + .authorizeHttpRequests(auth -> auth + .anyRequest().permitAll()) + .anonymous(anonymous -> anonymous.principal(JuickUser.ANONYMOUS_USER) + .authorities(JuickUser.ANONYMOUS_AUTHORITY)) + .csrf().disable() + .sessionManagement(sessionManagement -> sessionManagement + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .exceptionHandling(exceptionHandling -> exceptionHandling + .authenticationEntryPoint(juickAuthenticationEntryPoint())) + .headers().defaultsDisabled().cacheControl(); + return http.build(); + } + + @Bean SecurityFilterChain wwwChain(HttpSecurity http) throws Exception { http.addFilterBefore(wwwAuthenticationFilter(), BasicAuthenticationFilter.class) .authorizeHttpRequests(authorize -> authorize |