diff --git a/spring-security-rest/src/main/java/org/baeldung/spring/SecSecurityConfig.java b/spring-security-rest/src/main/java/org/baeldung/spring/SecSecurityConfig.java deleted file mode 100644 index 4ce80dab9f..0000000000 --- a/spring-security-rest/src/main/java/org/baeldung/spring/SecSecurityConfig.java +++ /dev/null @@ -1,16 +0,0 @@ -package org.baeldung.spring; - -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.ImportResource; - -@Configuration -@ImportResource({ "classpath:webSecurityConfig.xml" }) -@ComponentScan("org.baeldung.security") -public class SecSecurityConfig { - - public SecSecurityConfig() { - super(); - } - -} diff --git a/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java new file mode 100644 index 0000000000..244b6e2e33 --- /dev/null +++ b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java @@ -0,0 +1,67 @@ +package org.baeldung.spring; + +import org.baeldung.security.MySavedRequestAwareAuthenticationSuccessHandler; +import org.baeldung.security.RestAuthenticationEntryPoint; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; + +@Configuration +@EnableWebSecurity +@ComponentScan("org.baeldung.security") +public class SecurityJavaConfig extends WebSecurityConfigurerAdapter { + + @Autowired + private RestAuthenticationEntryPoint restAuthenticationEntryPoint; + + @Autowired + private MySavedRequestAwareAuthenticationSuccessHandler authenticationSuccessHandler; + + public SecurityJavaConfig() { + super(); + } + + // + + @Override + protected void configure(final AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication().withUser("temporary").password("temporary").roles("ADMIN").and().withUser("user").password("userPass").roles("USER"); + } + + @Override + protected void configure(final HttpSecurity http) throws Exception { // @formatter:off + http + .csrf().disable() + .exceptionHandling() + .authenticationEntryPoint(restAuthenticationEntryPoint) + .and() + .authorizeRequests() + .antMatchers("/api/foos").authenticated() + .and() + .formLogin() + .loginProcessingUrl("/j_spring_security_check") + .usernameParameter("j_username") + .passwordParameter("j_password") + .successHandler(authenticationSuccessHandler) + .failureHandler(new SimpleUrlAuthenticationFailureHandler()) + .and() + .logout(); + } // @formatter:on + + @Bean + public MySavedRequestAwareAuthenticationSuccessHandler mySuccessHandler(){ + return new MySavedRequestAwareAuthenticationSuccessHandler(); + } + + @Bean + public SimpleUrlAuthenticationFailureHandler myFailureHandler(){ + return new SimpleUrlAuthenticationFailureHandler(); + } + +} \ No newline at end of file diff --git a/spring-security-rest/src/main/java/org/baeldung/spring/SecurityXmlConfig.java b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityXmlConfig.java new file mode 100644 index 0000000000..0830a1ebe1 --- /dev/null +++ b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityXmlConfig.java @@ -0,0 +1,14 @@ +package org.baeldung.spring; + +import org.springframework.context.annotation.ComponentScan; + +// @Configuration +// @ImportResource({ "classpath:webSecurityConfig.xml" }) +@ComponentScan("org.baeldung.security") +public class SecurityXmlConfig { + + public SecurityXmlConfig() { + super(); + } + +}