fix messages
This commit is contained in:
parent
4e1d99392a
commit
fa03edf32d
@ -29,6 +29,7 @@ import org.springframework.security.web.authentication.AuthenticationFailureHand
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
import ru.ulstu.core.model.AuthFailureHandler;
|
||||
import ru.ulstu.core.navigation.Page;
|
||||
import ru.ulstu.user.model.UserRoleConstants;
|
||||
import ru.ulstu.user.service.UserService;
|
||||
|
||||
@ -76,8 +77,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf()
|
||||
.disable();
|
||||
http.csrf().disable();
|
||||
if (applicationProperties.isDevMode()) {
|
||||
log.debug("Security disabled");
|
||||
http.authorizeRequests()
|
||||
@ -92,6 +92,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
|
||||
.and()
|
||||
.formLogin()
|
||||
.loginPage("/login.xhtml")
|
||||
@ -108,12 +109,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
.tokenEndpoint()
|
||||
.accessTokenResponseClient(accessTokenResponseClient())
|
||||
.and()
|
||||
.defaultSuccessUrl("/index.xhtml")
|
||||
.defaultSuccessUrl(Page.INDEX)
|
||||
.failureUrl("/loginFailure")
|
||||
.and()
|
||||
.logout()
|
||||
.logoutSuccessHandler(logoutSuccessHandler)
|
||||
.logoutSuccessUrl(Constants.LOGOUT_URL)
|
||||
.logoutSuccessUrl(Page.LOGOUT)
|
||||
.invalidateHttpSession(true)
|
||||
.clearAuthentication(true)
|
||||
.deleteCookies(Constants.COOKIES_NAME)
|
||||
@ -191,79 +192,4 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
throw new BeanInitializationException("Security configuration failed", e);
|
||||
}
|
||||
}
|
||||
|
||||
/* @Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf()
|
||||
.disable();
|
||||
if (applicationProperties.isDevMode()) {
|
||||
log.debug("Security disabled");
|
||||
http.authorizeRequests()
|
||||
.anyRequest()
|
||||
.permitAll();
|
||||
http.anonymous()
|
||||
.principal("admin")
|
||||
.authorities(UserRoleConstants.ADMIN);
|
||||
} else {
|
||||
log.debug("Security enabled");
|
||||
http.authorizeRequests()
|
||||
.antMatchers(UserController.ACTIVATE_URL).permitAll()
|
||||
.antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
|
||||
.antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
|
||||
.antMatchers("/users/block").permitAll()
|
||||
.antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
|
||||
.antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
|
||||
.antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
|
||||
.antMatchers(UserController.URL + UserController.PASSWORD_RESET_URL).permitAll()
|
||||
.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.loginPage("/login.xhtml")
|
||||
.successHandler(authenticationSuccessHandler)
|
||||
.failureHandler(authenticationFailureHandler)
|
||||
.permitAll()
|
||||
.and()
|
||||
.logout()
|
||||
.logoutSuccessHandler(logoutSuccessHandler)
|
||||
.logoutSuccessUrl(Constants.LOGOUT_URL)
|
||||
.invalidateHttpSession(false)
|
||||
.clearAuthentication(true)
|
||||
.deleteCookies(Constants.COOKIES_NAME)
|
||||
.permitAll();
|
||||
}
|
||||
if (applicationProperties.isUseHttps()) {
|
||||
http.portMapper()
|
||||
.http(httpPort)
|
||||
.mapsTo(httpsPort)
|
||||
.and()
|
||||
.requiresChannel()
|
||||
.anyRequest()
|
||||
.requiresSecure();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) {
|
||||
web.ignoring()
|
||||
.antMatchers("/css/**")
|
||||
.antMatchers("/javax.faces.resource/**")
|
||||
.antMatchers("/js/**")
|
||||
.antMatchers("/templates/**")
|
||||
.antMatchers("/webjars/**")
|
||||
.antMatchers("/img/**");
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth) {
|
||||
if (applicationProperties.isDevMode()) {
|
||||
return;
|
||||
}
|
||||
try {
|
||||
auth.userDetailsService(userService).passwordEncoder(bCryptPasswordEncoder);
|
||||
} catch (Exception e) {
|
||||
throw new BeanInitializationException("Security configuration failed", e);
|
||||
}
|
||||
}*/
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user