diff options
Diffstat (limited to 'juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java')
-rw-r--r-- | juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java index d7904199..cd5e3bbc 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import javax.inject.Inject; @@ -33,7 +34,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests() + http.addFilterBefore(getJuickHashFilter(), UsernamePasswordAuthenticationFilter.class) + .authorizeRequests() .antMatchers(HttpMethod.OPTIONS).permitAll() .anyRequest().hasRole("USER") .and().httpBasic().authenticationEntryPoint(getJuickAuthenticationEntryPoint()) @@ -49,4 +51,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { public JuickAuthenticationEntryPoint getJuickAuthenticationEntryPoint() { return new JuickAuthenticationEntryPoint(); } + @Bean + public JuickHashFilter getJuickHashFilter() { + return new JuickHashFilter(); + } } |