Merge pull request #844 from oreva/master

Improvement for Spring Security Basic Authentication.
2016-11-21 17:58:38 -08:00 · 2016-11-21 17:58:38 -08:00 · b5c733df47
parent b8ade6f6da 858d14baf3
commit b5c733df47
2 changed files with 26 additions and 4 deletions
--- a/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java
+++ b/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java
@ -1,17 +1,40 @@
 package org.baeldung.security.filter.configuration;

+import org.baeldung.security.basic.MyBasicAuthenticationEntryPoint;
 import org.baeldung.security.filter.CustomFilter;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
+@EnableWebSecurity
 public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
+    @Autowired
+    private MyBasicAuthenticationEntryPoint authenticationEntryPoint;
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth)
+            throws Exception {
+        auth
+            .inMemoryAuthentication()
+            .withUser("user1").password("user1Pass")
+            .authorities("ROLE_USER");
+    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.addFilterAfter(new CustomFilter(), BasicAuthenticationFilter.class);
-    }
+        http.authorizeRequests()
+            .antMatchers("/securityNone").permitAll()
+            .anyRequest().authenticated()
+            .and()
+            .httpBasic()
+            .authenticationEntryPoint(authenticationEntryPoint);

+        http.addFilterAfter(new CustomFilter(),
+                BasicAuthenticationFilter.class);
+    }
 }
--- a/spring-security-basic-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-basic-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java
@ -2,11 +2,10 @@ package org.baeldung.spring;

 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ImportResource;

@Configuration
-@ImportResource({ "classpath:webSecurityConfig.xml" })
@ComponentScan("org.baeldung.security")
+//@ImportResource({ "classpath:webSecurityConfig.xml" })
 public class SecSecurityConfig {

    public SecSecurityConfig() {