JAVA-14676 Update remaining code
This commit is contained in:
+32
-20
@@ -2,21 +2,30 @@ package com.baeldung.antmatchers.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class SecurityConfiguration {
|
||||
|
||||
@Override
|
||||
public void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("admin").password(passwordEncoder().encode("password")).roles("USER", "ADMIN")
|
||||
.and()
|
||||
.withUser("user").password(passwordEncoder().encode("password")).roles("USER");
|
||||
@Bean
|
||||
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||
UserDetails admin = User.withUsername("admin")
|
||||
.password(passwordEncoder.encode("password"))
|
||||
.roles("USER", "ADMIN")
|
||||
.build();
|
||||
|
||||
UserDetails user = User.withUsername("user")
|
||||
.password(passwordEncoder.encode("password"))
|
||||
.roles("USER")
|
||||
.build();
|
||||
|
||||
return new InMemoryUserDetailsManager(admin, user);
|
||||
}
|
||||
|
||||
@Bean
|
||||
@@ -24,16 +33,19 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/products/**").permitAll()
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/customers/**").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/products/**")
|
||||
.permitAll()
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/customers/**")
|
||||
.hasRole("ADMIN")
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
+7
-7
@@ -1,17 +1,17 @@
|
||||
package com.baeldung.securityprofile;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
||||
|
||||
@Configuration
|
||||
@Profile("test")
|
||||
public class ApplicationNoSecurity extends WebSecurityConfigurerAdapter {
|
||||
public class ApplicationNoSecurity {
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) {
|
||||
web.ignoring().antMatchers("/**");
|
||||
@Bean
|
||||
public WebSecurityCustomizer webSecurityCustomizer() {
|
||||
return (web) -> web.ignoring()
|
||||
.antMatchers("/**");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+9
-5
@@ -1,16 +1,20 @@
|
||||
package com.baeldung.securityprofile;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
@Profile("prod")
|
||||
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
|
||||
public class ApplicationSecurity {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests().anyRequest().authenticated();
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()
|
||||
.anyRequest()
|
||||
.authenticated();
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user