From 9241901c9367259eebf1128c0693f9bc3f3597a5 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Sun, 27 Nov 2016 19:57:28 +0300 Subject: juick-api: add hash-based authentication filter --- .../main/java/com/juick/api/configuration/ApiSecurityConfig.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java') diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java index d7904199..cd5e3bbc 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import javax.inject.Inject; @@ -33,7 +34,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests() + http.addFilterBefore(getJuickHashFilter(), UsernamePasswordAuthenticationFilter.class) + .authorizeRequests() .antMatchers(HttpMethod.OPTIONS).permitAll() .anyRequest().hasRole("USER") .and().httpBasic().authenticationEntryPoint(getJuickAuthenticationEntryPoint()) @@ -49,4 +51,8 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { public JuickAuthenticationEntryPoint getJuickAuthenticationEntryPoint() { return new JuickAuthenticationEntryPoint(); } + @Bean + public JuickHashFilter getJuickHashFilter() { + return new JuickHashFilter(); + } } -- cgit v1.2.3