add java configuration

2018-06-30 23:35:29 +03:00 · 2018-06-30 23:35:29 +03:00 · aae4c26685
parent 0fd7481bb9
commit aae4c26685
2 changed files with 60 additions and 6 deletions
--- a/spring-security-mvc-custom/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java
+++ b/spring-security-mvc-custom/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java
@ -21,7 +21,7 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu

    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

-    protected MySimpleUrlAuthenticationSuccessHandler() {
+    public MySimpleUrlAuthenticationSuccessHandler() {
        super();
    }

--- a/spring-security-mvc-custom/src/main/java/org/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-mvc-custom/src/main/java/org/baeldung/spring/SecSecurityConfig.java
@ -1,16 +1,70 @@
 package org.baeldung.spring;

+import org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ImportResource;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

@Configuration
-@ImportResource({ "classpath:webSecurityConfig.xml" })
-public class SecSecurityConfig {
+//@ImportResource({ "classpath:webSecurityConfig.xml" })
+@EnableWebSecurity
+public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
    
-    
-
    public SecSecurityConfig() {
        super();
    }

+    @Bean("authenticationManager")
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+            return super.authenticationManagerBean();
+    }
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        // @formatter:off
+        auth.inMemoryAuthentication()
+            .withUser("user1").password("{noop}user1Pass").roles("USER")
+            .and()
+            .withUser("admin1").password("{noop}admin1Pass").roles("ADMIN");
+        // @formatter:on
+    }
+
+    @Override
+    protected void configure(final HttpSecurity http) throws Exception {
+        // @formatter:off
+        http.authorizeRequests()
+            .antMatchers("/anonymous*").anonymous()
+            .antMatchers("/login*").permitAll()
+            .anyRequest().authenticated()
+            
+            .and()
+            .formLogin()
+            .loginPage("/login.html")
+            .loginProcessingUrl("/login")
+            .successHandler(myAuthenticationSuccessHandler())
+            .failureUrl("/login.html?error=true")
+            
+            .and()
+            .logout().deleteCookies("JSESSIONID")
+            
+            .and()
+            .rememberMe().key("uniqueAndSecret").tokenValiditySeconds(86400)
+            
+            .and()
+            .csrf().disable()
+            ;
+        // @formatter:on
+    }
+    
+    @Bean
+    public AuthenticationSuccessHandler myAuthenticationSuccessHandler(){
+        return new MySimpleUrlAuthenticationSuccessHandler();
+    }
 }