Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 5ed6fa07

Přidáno uživatelem Jakub Danek před více než 5 roky(ů)

re #37 dummy spring security configuration

Zobrazit rozdíly:

server/src/main/java/org/danekja/ymanager/SecurityConfiguration.java
1 
package org.danekja.ymanager;
2 

  		




  
  3
  
    
import org.slf4j.Logger;


  		




  
  4
  
    
import org.slf4j.LoggerFactory;


  		




  
  5
  
    
import org.springframework.context.annotation.Bean;


  		




  
  6
  
    
import org.springframework.context.annotation.Configuration;


  		




  
  7
  
    
import org.springframework.security.authentication.AuthenticationProvider;


  		




  
  8
  
    
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


  		




  
  9
  
    
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;


  		




  
  10
  
    
import org.springframework.security.config.annotation.web.builders.HttpSecurity;


  		




  
  11
  
    
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


  		




  
  12
  
    
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


  		




  
  13
  
    
import org.springframework.security.core.AuthenticationException;


  		




  
  14
  
    
import org.springframework.security.core.userdetails.UserDetails;


  		




  
  15
  
    
import org.springframework.security.core.userdetails.UserDetailsService;


  		




  
  16
  
    

  		




  
  17
  
    
@Configuration


  		




  
  18
  
    
@EnableWebSecurity


  		




  
  19
  
    
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {


  		




  
  20
  
    

  		




  
  21
  
    
    @Override


  		




  
  22
  
    
    protected void configure(HttpSecurity http) throws Exception {


  		




  
  23
  
    
        http.cors()


  		




  
  24
  
    
                .and()


  		




  
  25
  
    
                .authorizeRequests()


  		




  
  26
  
    
                .anyRequest().authenticated()


  		




  
  27
  
    
                .and()


  		




  
  28
  
    
                .httpBasic();


  		




  
  29
  
    
    }


  		




  
  30
  
    

  		




  
  31
  
    
    /**


  		




  
  32
  
    
     * This is a dummy authentication provider which does not check password at all.


  		




  
  33
  
    
     * <p>


  		




  
  34
  
    
     * To be replaced with OAuth2 client


  		




  
  35
  
    
     *


  		




  
  36
  
    
     * @param userDetailsService


  		




  
  37
  
    
     * @return


  		




  
  38
  
    
     */


  		




  
  39
  
    
    @Bean


  		




  
  40
  
    
    public AuthenticationProvider dummyAuthManager(UserDetailsService userDetailsService) {


  		




  
  41
  
    
        return new AbstractUserDetailsAuthenticationProvider() {


  		




  
  42
  
    

  		




  
  43
  
    
            private final Logger LOG = LoggerFactory.getLogger("DummyLogger");


  		




  
  44
  
    

  		




  
  45
  
    
            @Override


  		




  
  46
  
    
            protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {


  		




  
  47
  
    

  		




  
  48
  
    
            }


  		




  
  49
  
    

  		




  
  50
  
    
            @Override


  		




  
  51
  
    
            protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {


  		




  
  52
  
    
                return userDetailsService.loadUserByUsername(username);


  		




  
  53
  
    
            }


  		




  
  54
  
    
        };


  		




  
  55
  
    
    }


  		




  
  56
  
    

  		




  
  57
  
    
}


  		












Také k dispozici:  Unified diff