update xml configuration

2015-12-24 14:15:21 +02:00 · 2015-12-24 14:15:21 +02:00 · ea91739bfa
parent ff053d279d
commit ea91739bfa
3 changed files with 55 additions and 3 deletions
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java
@ -18,6 +18,7 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand

@Configuration
@ComponentScan(basePackages = { "org.baeldung.security" })
+// @ImportResource({ "classpath:webSecurityConfig.xml" })
@EnableWebSecurity
 public class SecSecurityConfig extends WebSecurityConfigurerAdapter {

--- a/spring-security-login-and-registration/src/main/resources/webSecurityConfig-basic.xml
+++ b/spring-security-login-and-registration/src/main/resources/webSecurityConfig-basic.xml
@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-4.2.xsd"
+>
+
+	<http use-expressions="true">
+		<intercept-url pattern="/login*" access="permitAll" />
+		<intercept-url pattern="/logout*" access="permitAll" />
+		<intercept-url pattern="/signin/**" access="permitAll" />
+		<intercept-url pattern="/signup/**" access="permitAll" />
+		<intercept-url pattern="/user/registration*" access="permitAll" />
+		<intercept-url pattern="/regitrationConfirm*" access="permitAll" />
+		<intercept-url pattern="/expiredAccount*" access="permitAll" />
+		<intercept-url pattern="/registration*" access="permitAll" />
+		<intercept-url pattern="/badUser*" access="permitAll" />
+		<intercept-url pattern="/resources/**" access="permitAll" />
+		<intercept-url pattern="/invalidSession*" access="isAnonymous()" />
+		<intercept-url pattern="/**" access="isAuthenticated()" />
+		<form-login login-page='/login.html'
+			authentication-failure-url="/login.html?error=true"
+			authentication-success-handler-ref="myAuthenticationSuccessHandler"
+			default-target-url="/homepage.html" />
+		<session-management invalid-session-url="/invalidSession.html"
+			session-fixation-protection="none" />
+		<logout invalidate-session="false" logout-success-url="/logout.html?logSucc=true"
+			logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
+	</http>
+
+	<beans:bean id="myAuthenticationSuccessHandler"
+		class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
+
+	<authentication-manager>
+		<authentication-provider user-service-ref="userDetailsService" />
+	</authentication-manager>
+	<beans:bean id="userDetailsService" class="org.baeldung.security.MyUserDetailsService" />
+
+</beans:beans>
--- a/spring-security-login-and-registration/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-login-and-registration/src/main/resources/webSecurityConfig.xml
@ -1,9 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
-    xmlns:mvc="http://www.springframework.org/schema/mvc"
    xsi:schemaLocation="
-		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd"
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-4.2.xsd"
 >

    <http use-expressions="true">
@ -36,5 +37,14 @@
    <authentication-manager>
        <authentication-provider ref="authProvider"/>
    </authentication-manager>
+    
+    <beans:bean id="authProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
+        <beans:property name="userDetailsService" ref="userDetailsService"/>
+        <beans:property name="passwordEncoder" ref="passwordEncoder"/>
+    </beans:bean>
+    
+    <beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
+        <beans:constructor-arg value="11"/>
+    </beans:bean>

 </beans:beans>