From 157260570690ed552c8e41d421ce22f0e2e5d2b2 Mon Sep 17 00:00:00 2001 From: DOHA Date: Tue, 24 Feb 2015 17:29:35 +0200 Subject: [PATCH] add java config and add style --- .../baeldung/spring/SecSecurityConfig.java | 62 +++++++++++++++++-- .../webapp/WEB-INF/view/forgetPassword.jsp | 2 +- .../src/main/webapp/WEB-INF/view/login.jsp | 2 +- .../main/webapp/WEB-INF/view/registration.jsp | 2 +- .../webapp/WEB-INF/view/updatePassword.jsp | 2 +- 5 files changed, 62 insertions(+), 8 deletions(-) diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java index abde49790b..ec07c22811 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java 
@@ -4,24 +4,78 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.ImportResource; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.builders.WebSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; @Configuration @ComponentScan(basePackages = { "org.baeldung.security" }) -@ImportResource({ "classpath:webSecurityConfig.xml" }) -public class SecSecurityConfig { +@EnableWebSecurity +public class SecSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserDetailsService userDetailsService; + @Autowired + private AuthenticationSuccessHandler myAuthenticationSuccessHandler; + public SecSecurityConfig() { super(); } + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.authenticationProvider(authProvider()); + } + + @Override + public void configure(WebSecurity web) throws Exception { + web.ignoring().antMatchers("/resources/**"); + } + + @Override + protected void 
configure(HttpSecurity http) throws Exception { + // @formatter:off + http + .csrf().disable() + .authorizeRequests() + .antMatchers("/j_spring_security_check*","/login*", "/logout*", "/signin/**", "/signup/**", + "/user/registration*", "/regitrationConfirm*", "/expiredAccount*", "/registration*", + "/badUser*", "/user/resendRegistrationToken*" ,"/forgetPassword*", "/user/resetPassword*", + "/user/changePassword*", "/emailError*", "/resources/**").permitAll() + .antMatchers("/invalidSession*").anonymous() + .anyRequest().authenticated() + .and() + .formLogin() + .loginPage("/login.html") + .loginProcessingUrl("/j_spring_security_check") + .defaultSuccessUrl("/homepage.html") + .failureUrl("/login.html?error=true") + .successHandler(myAuthenticationSuccessHandler) + .usernameParameter("j_username") + .passwordParameter("j_password") + .permitAll() + .and() + .sessionManagement() + .invalidSessionUrl("/invalidSession.html") + .sessionFixation().none() + .and() + .logout() + .invalidateHttpSession(false) + .logoutUrl("/j_spring_security_logout") + .logoutSuccessUrl("/logout.html?logSucc=true") + .deleteCookies("JSESSIONID") + .permitAll(); + // @formatter:on + } + // beans @Bean diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/forgetPassword.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/forgetPassword.jsp index 90fec55d9b..29b5c50632 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/forgetPassword.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/forgetPassword.jsp @@ -26,7 +26,7 @@ - diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp index a251094ec9..e7c7c2604a 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp 
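Review bot: The new `configure(HttpSecurity)` turns off three session protections at once: `.csrf().disable()`, `.sessionFixation().none()` and `.invalidateHttpSession(false)`. With fixation protection off, the session id issued before login stays valid after authentication. With invalidation off, the server-side session outlives logout, so `.deleteCookies("JSESSIONID")` only removes the browser's copy. Unless these were carried over deliberately from the removed `webSecurityConfig.xml`, I would use `.sessionFixation().migrateSession()` and `.invalidateHttpSession(true)`, and drop `.csrf().disable()` once the login, registration and password forms send the CSRF token. Separately, `.successHandler(myAuthenticationSuccessHandler)` replaces the handler installed by `.defaultSuccessUrl("/homepage.html")`, so one of the two calls is dead, and `"/regitrationConfirm*"` looks like a typo to check against the controller mapping.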
+++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/login.jsp @@ -90,7 +90,7 @@ ${param.message} - /> diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/registration.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/registration.jsp index 0c80ebe659..8060c8f356 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/registration.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/registration.jsp @@ -43,7 +43,7 @@ - diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/updatePassword.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/updatePassword.jsp index 7f11576a4d..cf2d515f71 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/updatePassword.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/updatePassword.jsp @@ -34,7 +34,7 @@

-