security work
This commit is contained in:
parent
9d0902f273
commit
1083636ca2
|
@ -22,6 +22,11 @@
|
|||
<artifactId>spring-security-web</artifactId>
|
||||
<version>${org.springframework.security.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>${org.springframework.security.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Spring -->
|
||||
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
package org.baeldung.spring.web.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.ImportResource;
|
||||
|
||||
@Configuration
|
||||
@ImportResource({ "classpath:webSecurityConfig.xml" })
|
||||
public class SecSecurityConfig {
|
||||
|
||||
public SecSecurityConfig() {
|
||||
super();
|
||||
}
|
||||
|
||||
}
|
|
@ -1,36 +1,27 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
|
||||
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
|
||||
|
||||
<http access-denied-page="/access-denied.html" use-expressions="true">
|
||||
<intercept-url pattern="/access-denied*" access="hasAnyRole('ROLE_LOCATION_WRITE','ROLE_POLYGON_WRITE')" />
|
||||
<intercept-url pattern="/admin/**" access="hasAnyRole('ROLE_ADMIN')" />
|
||||
<intercept-url pattern="/organization/**" access="hasAnyRole('ROLE_ORGANIZATION')" />
|
||||
<intercept-url pattern="/location/edit*" access="hasAnyRole('ROLE_LOCATION_WRITE')" />
|
||||
<intercept-url pattern="/location/view*" access="permitAll" />
|
||||
|
||||
<http use-expressions="true">
|
||||
<intercept-url pattern="/login*" access="isAnonymous()" />
|
||||
<intercept-url pattern="/register*" access="isAnonymous()" />
|
||||
<intercept-url pattern="/login-denied/**" access="isAnonymous()" />
|
||||
<intercept-url pattern="/**" access="isAuthenticated()" />
|
||||
|
||||
<intercept-url pattern="/**" access="permitAll" />
|
||||
<form-login login-page='/login.html' default-target-url="/"
|
||||
authentication-failure-url="/login.html?error=true" />
|
||||
|
||||
<form-login login-page='/login.html' default-target-url="/" always-use-default-target="false" authentication-failure-url="/login.html?error=true" />
|
||||
<logout logout-success-url="/login.html" />
|
||||
|
||||
<logout />
|
||||
|
||||
<anonymous />
|
||||
|
||||
<session-management invalid-session-url="/">
|
||||
<concurrency-control max-sessions="1" />
|
||||
</session-management>
|
||||
</http>
|
||||
|
||||
<authentication-manager alias="authenticationManager" erase-credentials="false">
|
||||
<authentication-provider ref="restAuthenticationProvider" />
|
||||
<authentication-manager>
|
||||
<authentication-provider>
|
||||
<user-service>
|
||||
<user name="user1" password="user1Pass" authorities="ROLE_USER" />
|
||||
</user-service>
|
||||
</authentication-provider>
|
||||
</authentication-manager>
|
||||
|
||||
</beans:beans>
|
|
@ -35,6 +35,16 @@
|
|||
<url-pattern>/</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<!-- Spring Security -->
|
||||
<filter>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<welcome-file-list>
|
||||
<welcome-file>index.html</welcome-file>
|
||||
</welcome-file-list>
|
||||
|
|
Loading…
Reference in New Issue