[BAEL-1556]:fixes according to a review
This commit is contained in:
kwandzel
parent
b021e6b01a
commit
94421b7d38
@ -12,26 +12,32 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http.authorizeRequests()
|
||||||
.authorizeRequests()
|
.anyRequest()
|
||||||
.anyRequest().authenticated()
|
.authenticated()
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
.loginPage("/login")
|
.loginPage("/login")
|
||||||
.permitAll().failureUrl("/loginError").successForwardUrl("/index")
|
.permitAll()
|
||||||
.and()
|
.successForwardUrl("/index")
|
||||||
|
.and()
|
||||||
.logout()
|
.logout()
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
|
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
|
||||||
.logoutSuccessUrl("/login");
|
.logoutSuccessUrl("/login");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
auth.inMemoryAuthentication()
|
auth.inMemoryAuthentication()
|
||||||
.withUser("user").password("password").roles("USER").and()
|
.withUser("user")
|
||||||
.withUser("admin").password("admin").roles("ADMIN");
|
.password("password")
|
||||||
|
.roles("USER")
|
||||||
|
.and()
|
||||||
|
.withUser("admin")
|
||||||
|
.password("admin")
|
||||||
|
.roles("ADMIN");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,7 +6,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
|
|||||||
@SpringBootApplication
|
@SpringBootApplication
|
||||||
public class SpringSecurityThymeleafApplication {
|
public class SpringSecurityThymeleafApplication {
|
||||||
|
|
||||||
public static void main(String[] args) {
|
public static void main(String[] args) {
|
||||||
SpringApplication.run(SpringSecurityThymeleafApplication.class, args);
|
SpringApplication.run(SpringSecurityThymeleafApplication.class, args);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,19 +6,13 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
|||||||
@Controller
|
@Controller
|
||||||
public class ViewController {
|
public class ViewController {
|
||||||
|
|
||||||
@RequestMapping("/login")
|
@RequestMapping("/login")
|
||||||
public String login() {
|
public String login() {
|
||||||
return "login";
|
return "login";
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequestMapping({ "/index", "/" })
|
|
||||||
public String index() {
|
|
||||||
return "index";
|
|
||||||
}
|
|
||||||
|
|
||||||
@RequestMapping("/loginError")
|
|
||||||
public String loginError() {
|
|
||||||
return "loginError";
|
|
||||||
}
|
|
||||||
|
|
||||||
|
@RequestMapping({ "/index", "/" })
|
||||||
|
public String index() {
|
||||||
|
return "index";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,8 +8,11 @@
|
|||||||
<p>Spring Security Thymeleaf tutorial</p>
|
<p>Spring Security Thymeleaf tutorial</p>
|
||||||
<div sec:authorize="hasRole('USER')">Text visible to user.</div>
|
<div sec:authorize="hasRole('USER')">Text visible to user.</div>
|
||||||
<div sec:authorize="hasRole('ADMIN')">Text visible to admin.</div>
|
<div sec:authorize="hasRole('ADMIN')">Text visible to admin.</div>
|
||||||
<div sec:authorize="isAuthenticated()">Text visible only to authenticated users.</div>
|
<div sec:authorize="isAuthenticated()">Text visible only to
|
||||||
Authenticated username: <div sec:authentication="name"></div>
|
authenticated users.</div>
|
||||||
Authenticated user roles: <div sec:authentication="principal.authorities"></div>
|
Authenticated username:
|
||||||
|
<div sec:authentication="name"></div>
|
||||||
|
Authenticated user roles:
|
||||||
|
<div sec:authentication="principal.authorities"></div>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
@ -7,9 +7,9 @@
|
|||||||
<h2>Custom Login Page</h2>
|
<h2>Custom Login Page</h2>
|
||||||
<form th:action="@{/login}" method="post">
|
<form th:action="@{/login}" method="post">
|
||||||
<label for="username">Username</label>: <input type="text"
|
<label for="username">Username</label>: <input type="text"
|
||||||
id="username" name="username" autofocus="autofocus" /> <br /> <label
|
id="username" name="username" autofocus="autofocus" /> <label
|
||||||
for="password">Password</label>: <input type="password" id="password"
|
for="password">Password</label>: <input type="password" id="password"
|
||||||
name="password" /> <br /> <input type="submit" value="Log in" />
|
name="password" /><input type="submit" value="Log in" />
|
||||||
</form>
|
</form>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
@ -1,9 +0,0 @@
|
|||||||
<!DOCTYPE html>
|
|
||||||
<html xmlns:th="http://www.thymeleaf.org">
|
|
||||||
<head>
|
|
||||||
<title>Login error page</title>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<h2>Login Error Page</h2>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
Loading…
x
Reference in New Issue
Block a user