iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modify formatting.

Browse Source
This commit is contained in:
tschiman 2016-10-24 20:40:06 -06:00
parent 66b618d99d
commit bad9a35061
6 changed files with 76 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
View File

@ -22,45 +22,23 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
.and()
.requestMatchers()
.antMatchers("/eureka/**")
.and()
.authorizeRequests()
.antMatchers("/eureka/**").hasRole("SYSTEM")
.anyRequest().denyAll()
.and()
.httpBasic()
.and()
.csrf()
.disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS).and().requestMatchers().antMatchers("/eureka/**").and().authorizeRequests().antMatchers("/eureka/**").hasRole("SYSTEM").anyRequest().denyAll().and().httpBasic().and()
.csrf().disable();
}
@Configuration
//no order tag means this is the last security filter to be evaluated
public static class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication();
}
@Override protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.httpBasic()
.disable()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
.antMatchers("/info","/health").authenticated()
.anyRequest().denyAll()
.and()
.csrf()
.disable();
@Override
protected void configure(HttpSecurity http) throws Exception {
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and().httpBasic().disable().authorizeRequests().antMatchers(HttpMethod.GET, "/").hasRole("ADMIN").antMatchers("/info", "/health").authenticated().anyRequest()
.denyAll().and().csrf().disable();
}
}
}

4
spring-cloud/spring-cloud-bootstrap/gateway/src/main/java/com/baeldung/spring/cloud/bootstrap/gateway/GatewayApplication.java
View File

@ -26,11 +26,11 @@ public class GatewayApplication {
private List<RibbonClientSpecification> configurations = new ArrayList<>();
@Bean
@LoadBalanced RestTemplate restTemplate(){
@LoadBalanced
RestTemplate restTemplate() {
return new RestTemplate();
}
@Bean
public SpringClientFactory springClientFactory() {
SpringClientFactory factory = new SpringClientFactory();

20
spring-cloud/spring-cloud-bootstrap/gateway/src/main/java/com/baeldung/spring/cloud/bootstrap/gateway/SecurityConfig.java
View File

@ -13,26 +13,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
.and()
.withUser("admin").password("admin").roles("ADMIN");
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER").and().withUser("admin").password("admin").roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/resource/hello/cloud").permitAll()
.antMatchers("/eureka/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.logout().permitAll()
.logoutSuccessUrl("/resource/hello/cloud").permitAll()
.and()
.csrf()
.disable();
http.authorizeRequests().antMatchers("/resource/hello/cloud").permitAll().antMatchers("/eureka/**").hasRole("ADMIN").anyRequest().authenticated().and().formLogin().and().logout().permitAll().logoutSuccessUrl("/resource/hello/cloud").permitAll()
.and().csrf().disable();
}
}

20
spring-cloud/spring-cloud-bootstrap/resource/src/main/java/com/baeldung/spring/cloud/bootstrap/resource/SecurityConfig.java
View File

@ -1,8 +1,6 @@
package com.baeldung.spring.cloud.bootstrap.resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@ -11,24 +9,8 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal1(AuthenticationManagerBuilder auth) throws Exception {
//try in memory auth with no users to support the case that this will allow for users that are logged in to go anywhere
auth.inMemoryAuthentication();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic()
.disable()
.authorizeRequests()
.antMatchers("/hello/cloud").permitAll()
.antMatchers("/hello/user").hasAnyRole("USER", "ADMIN")
.antMatchers("/hello/admin").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.csrf()
.disable();
http.httpBasic().disable().authorizeRequests().antMatchers("/hello/cloud").permitAll().antMatchers("/hello/user").hasAnyRole("USER", "ADMIN").antMatchers("/hello/admin").hasRole("ADMIN").anyRequest().authenticated().and().csrf().disable();
}
}