JAVA-14888 Update apache-shiro module under security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#13059)
This commit is contained in:
anuragkumawat
GitHub
parent
e14ea6632f
commit
32e34e537b
@ -1,40 +1,46 @@
|
|||||||
package com.baeldung.comparison.springsecurity.config;
|
package com.baeldung.comparison.springsecurity.config;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http.csrf().disable().authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
|
http.csrf()
|
||||||
.permitAll()
|
.disable()
|
||||||
.antMatchers("/home", "/logout")
|
.authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
|
||||||
.authenticated()
|
.permitAll()
|
||||||
.antMatchers("/admin/**")
|
.antMatchers("/home", "/logout")
|
||||||
.hasRole("ADMIN"))
|
.authenticated()
|
||||||
|
.antMatchers("/admin/**")
|
||||||
|
.hasRole("ADMIN"))
|
||||||
.formLogin(formLogin -> formLogin.loginPage("/login")
|
.formLogin(formLogin -> formLogin.loginPage("/login")
|
||||||
.failureUrl("/login-error"));
|
.failureUrl("/login-error"));
|
||||||
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
public InMemoryUserDetailsManager userDetailsService() throws Exception {
|
||||||
auth.inMemoryAuthentication()
|
UserDetails jerry = User.withUsername("Jerry")
|
||||||
.withUser("Jerry")
|
|
||||||
.password(passwordEncoder().encode("password"))
|
.password(passwordEncoder().encode("password"))
|
||||||
.authorities("READ", "WRITE")
|
.authorities("READ", "WRITE")
|
||||||
.roles("ADMIN")
|
.roles("ADMIN")
|
||||||
.and()
|
.build();
|
||||||
.withUser("Tom")
|
UserDetails tom = User.withUsername("Tom")
|
||||||
.password(passwordEncoder().encode("password"))
|
.password(passwordEncoder().encode("password"))
|
||||||
.authorities("READ")
|
.authorities("READ")
|
||||||
.roles("USER");
|
.roles("USER")
|
||||||
|
.build();
|
||||||
|
return new InMemoryUserDetailsManager(jerry, tom);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user