исправил конфигурацию сервиса безопасности
This commit is contained in:
parent
82dfb189dd
commit
928e7a1e30
@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@ -24,11 +25,16 @@ public class SecurityConfiguration {
|
||||
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
||||
private final UserService userService;
|
||||
private final BCryptPasswordEncoder bCryptPasswordEncoder;
|
||||
private final AuthenticationSuccessHandler authenticationSuccessHandler;
|
||||
//private final LogoutSuccessHandler logoutSuccessHandler;
|
||||
|
||||
|
||||
public SecurityConfiguration(UserService userService,
|
||||
BCryptPasswordEncoder bCryptPasswordEncoder) {
|
||||
BCryptPasswordEncoder bCryptPasswordEncoder,
|
||||
AuthenticationSuccessHandler authenticationSuccessHandler) {
|
||||
this.userService = userService;
|
||||
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
|
||||
this.authenticationSuccessHandler = authenticationSuccessHandler;
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ -39,6 +45,7 @@ public class SecurityConfiguration {
|
||||
//.requestMatchers(UserController.ACTIVATE_URL).permitAll()
|
||||
.requestMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
|
||||
.requestMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
|
||||
.requestMatchers(Constants.CONTACTS_PAGE).permitAll()
|
||||
//.requestMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
|
||||
//.requestMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
|
||||
//.requestMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
|
||||
@ -46,8 +53,9 @@ public class SecurityConfiguration {
|
||||
.requestMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
|
||||
.anyRequest().authenticated())
|
||||
.formLogin(fl -> fl
|
||||
.loginPage("/login")
|
||||
//.successHandler(authenticationSuccessHandler)
|
||||
.loginPage("/logform")
|
||||
.successHandler(authenticationSuccessHandler)
|
||||
.defaultSuccessUrl("/", true)
|
||||
.permitAll())
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
.logout(l -> l
|
||||
@ -62,7 +70,7 @@ public class SecurityConfiguration {
|
||||
|
||||
@Bean
|
||||
public WebSecurityCustomizer webSecurityCustomizer() {
|
||||
return (web) -> web.ignoring().requestMatchers("/css/**", "/js/**", "/templates/**", "/webjars/**");
|
||||
return (web) -> web.ignoring().requestMatchers("/assets.js/**", "/bootstrap_theme/**", "/bootstrap/**", "/css/**", "/js/**", "/templates/**", "/webjars/**");
|
||||
}
|
||||
|
||||
@Autowired
|
||||
|
Loading…
Reference in New Issue
Block a user