org.echocat.marquardt.example.SecurityConfiguration Maven / Gradle / Ivy
/*
* echocat Marquardt Java SDK, Copyright (c) 2015 echocat
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
package org.echocat.marquardt.example;
import org.echocat.marquardt.common.CertificateValidator;
import org.echocat.marquardt.example.domain.ExampleRoles;
import org.echocat.marquardt.example.domain.UserInfo;
import org.echocat.marquardt.service.spring.SpringSecurityCertificateAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private CertificateValidator _certificateValidator;
@Override
protected void configure(final HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/exampleservice/adminResource").hasRole("ADMIN")
.antMatchers("/exampleservice/someProtectedResource**").authenticated()
.antMatchers("/**").permitAll()
.and()
.addFilterBefore(certificateAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}
private SpringSecurityCertificateAuthenticationFilter certificateAuthenticationFilter() {
return new SpringSecurityCertificateAuthenticationFilter(_certificateValidator) {
@Override
protected String getIdentifier(final UserInfo signable) {
return signable.getUserId().toString();
}
};
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy