com.fivefaces.structureclient.config.security.unmanned.UnmannedApiSecurityConfig Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of common-structure-client Show documentation
Show all versions of common-structure-client Show documentation
structure Client for Five Faces
package com.fivefaces.structureclient.config.security.unmanned;
import com.fivefaces.structureclient.config.security.SecurityConstants;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter;
import org.springframework.web.cors.CorsConfigurationSource;
@Configuration
@Order(4)
@Slf4j
@RequiredArgsConstructor
public class UnmannedApiSecurityConfig extends WebSecurityConfigurerAdapter {
private final CorsConfigurationSource corsConfigurationSource;
private final AuthenticationEntryPoint restApiAuthenticationEntryPoint;
private final AccessDeniedHandler restApiAccessDeniedHandler;
private final AuthenticationProvider unmannedApiAuthenticationProvider;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().configurationSource(corsConfigurationSource);
http.antMatcher(SecurityConstants.UNMANNED_API_PATH + "/**")
.cors().configurationSource(corsConfigurationSource).and()
.authorizeRequests()
.antMatchers(SecurityConstants.UNMANNED_API_PATH + "/**").authenticated()
.anyRequest().denyAll()
.and()
.addFilterAfter(unmannedAuthenticationFilter(), RememberMeAuthenticationFilter.class)
.exceptionHandling()
.authenticationEntryPoint(restApiAuthenticationEntryPoint)
.accessDeniedHandler(restApiAccessDeniedHandler)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(unmannedApiAuthenticationProvider);
}
private UnmannedAuthenticationFilter unmannedAuthenticationFilter() throws Exception {
return new UnmannedAuthenticationFilter(authenticationManager(), restApiAuthenticationEntryPoint);
}
}