Java-82 Correctly configure Netty server and security (#10034)
* Java-82 Correctly configure netty server and security * Java-82 Align WebSecurity with article * Java-82 Change port Co-authored-by: mikr <michael.krimgen@ximedes.com>
This commit is contained in:
parent
ab7e2477d8
commit
4cd2feed94
|
@ -7,7 +7,7 @@ import java.util.Map;
|
||||||
import java.util.concurrent.ConcurrentHashMap;
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
|
|
||||||
@Component
|
@Component
|
||||||
@Endpoint(id = "features", enableByDefault = true)
|
@Endpoint(id = "features")
|
||||||
public class FeaturesEndpoint {
|
public class FeaturesEndpoint {
|
||||||
|
|
||||||
private Map<String, Feature> features = new ConcurrentHashMap<>();
|
private Map<String, Feature> features = new ConcurrentHashMap<>();
|
||||||
|
|
|
@ -4,7 +4,7 @@ import org.springframework.boot.SpringApplication;
|
||||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
|
||||||
@SpringBootApplication
|
@SpringBootApplication
|
||||||
public class Spring5ReactiveApplication{
|
public class Spring5ReactiveApplication {
|
||||||
|
|
||||||
public static void main(String[] args) {
|
public static void main(String[] args) {
|
||||||
SpringApplication.run(Spring5ReactiveApplication.class, args);
|
SpringApplication.run(Spring5ReactiveApplication.class, args);
|
||||||
|
|
|
@ -1,10 +1,7 @@
|
||||||
package com.baeldung.reactive.actuator;
|
package com.baeldung.reactive.actuator;
|
||||||
|
|
||||||
import org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest;
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
||||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||||
|
@ -13,16 +10,14 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||||
@EnableWebFluxSecurity
|
@EnableWebFluxSecurity
|
||||||
public class WebSecurityConfig {
|
public class WebSecurityConfig {
|
||||||
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityWebFilterChain securitygWebFilterChain(
|
public SecurityWebFilterChain securitygWebFilterChain(
|
||||||
ServerHttpSecurity http) {
|
ServerHttpSecurity http) {
|
||||||
return http
|
|
||||||
|
|
||||||
.authorizeExchange()
|
return http.authorizeExchange()
|
||||||
.matchers(EndpointRequest.to(
|
.pathMatchers("/actuator/**").permitAll()
|
||||||
FeaturesEndpoint.class
|
.anyExchange().authenticated()
|
||||||
)).permitAll().anyExchange().permitAll().and().csrf().disable().build();
|
.and().build();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,12 +21,12 @@ public class SecurityConfig {
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
|
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
|
||||||
return http.authorizeExchange()
|
return http.authorizeExchange()
|
||||||
.pathMatchers("/", "/admin")
|
.pathMatchers("/admin")
|
||||||
.hasAuthority("ROLE_ADMIN")
|
.hasAuthority("ROLE_ADMIN")
|
||||||
.matchers(EndpointRequest.to(FeaturesEndpoint.class))
|
.matchers(EndpointRequest.to(FeaturesEndpoint.class))
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.anyExchange()
|
.anyExchange()
|
||||||
.permitAll()
|
.authenticated()
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
.and()
|
.and()
|
||||||
|
|
Loading…
Reference in New Issue