BAEL-1914 (#4713)
* Server Sent Events example using Spring Webflux and React * spring security custom AuthenticationFailureHandler * refactor * moved SSE to branch * BAEL-1914 * remove pom properties
This commit is contained in:
+12
@@ -0,0 +1,12 @@
|
||||
package com.baeldung.springbootsecurity.form_login;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
||||
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.form_login")
|
||||
public class SpringBootSecurityApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(SpringBootSecurityApplication.class, args);
|
||||
}
|
||||
}
|
||||
+67
@@ -0,0 +1,67 @@
|
||||
package com.baeldung.springbootsecurity.form_login.configuration;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.Calendar;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication()
|
||||
.withUser("baeldung")
|
||||
.password("baeldung")
|
||||
.roles("USER");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.failureHandler(customAuthenticationFailureHandler());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AuthenticationFailureHandler customAuthenticationFailureHandler() {
|
||||
return new CustomAuthenticationFailureHandler();
|
||||
}
|
||||
|
||||
/**
|
||||
* Custom AuthenticationFailureHandler
|
||||
*/
|
||||
public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
|
||||
private final ObjectMapper objectMapper = new ObjectMapper();
|
||||
|
||||
@Override
|
||||
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
Map<String, Object> data = new HashMap<>();
|
||||
data.put("timestamp", Calendar.getInstance().getTime());
|
||||
data.put("exception", exception.getMessage());
|
||||
|
||||
response.getOutputStream().println(objectMapper.writeValueAsString(data));
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user