From 5933eac025502978a4c0e3546ed9504408e6969c Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 15 Dec 2022 17:27:13 +0300 Subject: Cleanup Security config --- src/main/java/com/juick/config/SecurityConfig.java | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'src/main') diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index b531e62f..dce44b5e 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -26,10 +26,10 @@ import com.juick.service.security.entities.JuickUser; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.core.annotation.Order; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.AuthenticationEntryPoint; @@ -67,7 +67,7 @@ public class SecurityConfig { } @Bean - static CorsConfigurationSource corsConfigurationSource() { + CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(Collections.singletonList("*")); @@ -120,7 +120,6 @@ public class SecurityConfig { } @Bean - @Order(1) SecurityFilterChain apiChain(HttpSecurity http) throws Exception { http.securityMatcher("/api/**") .addFilterBefore(apiAuthenticationFilter(), BasicAuthenticationFilter.class) 
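Review bot: The added `WebSecurityCustomizer` import in the first hunk does not appear to be used: the diffstat's 18 insertions are all accounted for by the visible hunks, and none of them references the type. Unless unchanged code already refers to it, drop the import so the class does not hint at a `web.ignoring()` style bypass that is not actually configured.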
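Review bot: With `@Order(1)` removed from `apiChain`, nothing in the class states which `SecurityFilterChain` is consulted first. `wwwChain` appears to be a catch-all: its visible first call in the last hunk is `addFilterBefore`, not `securityMatcher`, though the rest of its body is outside the diff. The first matching chain wins, so if the catch-all is ever registered ahead of `apiChain` or the new `/h2-console/**` chain, those paths silently get the www rules and authentication filter instead. Relying on `@Bean` declaration order for this is fragile. I would keep the ordering explicit, e.g. `@Order(1)` on `apiChain` and `@Order(2)` on the console chain, leaving `wwwChain` unordered so it sorts last; the body of `apiChain` continues outside this hunk.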
@@ -161,6 +160,22 @@ public class SecurityConfig { return handler; } + @Bean + SecurityFilterChain h2ConsoFilterChain(HttpSecurity http) throws Exception { + http.securityMatcher("/h2-console/**") + .authorizeHttpRequests(auth -> auth + .anyRequest().permitAll()) + .anonymous(anonymous -> anonymous.principal(JuickUser.ANONYMOUS_USER) + .authorities(JuickUser.ANONYMOUS_AUTHORITY)) + .csrf().disable() + .sessionManagement(sessionManagement -> sessionManagement + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .exceptionHandling(exceptionHandling -> exceptionHandling + .authenticationEntryPoint(juickAuthenticationEntryPoint())) + .headers().defaultsDisabled().cacheControl(); + return http.build(); + } + @Bean SecurityFilterChain wwwChain(HttpSecurity http) throws Exception { http.addFilterBefore(wwwAuthenticationFilter(), BasicAuthenticationFilter.class) -- cgit v1.2.3
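Review bot: `h2ConsoFilterChain` is registered unconditionally, so `/h2-console/**` gets `permitAll()`, CSRF disabled and all default response headers disabled in every environment the application runs in. Whether the console servlet is actually enabled is not visible in this diff, but wherever it is, this chain leaves an unauthenticated SQL console reachable. Gate the bean on the same switch, e.g. `@ConditionalOnProperty(name = "spring.h2.console.enabled", havingValue = "true")` if this is a Spring Boot application, or restrict it to a development `@Profile`. `.headers().defaultsDisabled().cacheControl()` also drops more than the console needs, since it only requires same-origin framing; `.headers(headers -> headers.frameOptions(frame -> frame.sameOrigin()))` keeps the remaining defaults. The method name looks like a typo for `h2ConsoleFilterChain`.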