From fa03edf32d96559e7877348a1288b671f3231f7c Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Wed, 27 Nov 2019 23:36:33 +0400 Subject: [PATCH] fix messages --- .../configuration/SecurityConfiguration.java | 84 ++----------------- 1 file changed, 5 insertions(+), 79 deletions(-) diff --git a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java index 61a0a8c..c1c1199 100644 --- a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java +++ b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java @@ -29,6 +29,7 @@ import org.springframework.security.web.authentication.AuthenticationFailureHand import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; import ru.ulstu.core.model.AuthFailureHandler; +import ru.ulstu.core.navigation.Page; import ru.ulstu.user.model.UserRoleConstants; import ru.ulstu.user.service.UserService; @@ -76,8 +77,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { - http.csrf() - .disable(); + http.csrf().disable(); if (applicationProperties.isDevMode()) { log.debug("Security disabled"); http.authorizeRequests() @@ -92,6 +92,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { .permitAll() .anyRequest() .authenticated() + .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN) .and() .formLogin() .loginPage("/login.xhtml") @@ -108,12 +109,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { .tokenEndpoint() .accessTokenResponseClient(accessTokenResponseClient()) .and() - .defaultSuccessUrl("/index.xhtml") + .defaultSuccessUrl(Page.INDEX) .failureUrl("/loginFailure") .and() .logout() .logoutSuccessHandler(logoutSuccessHandler) - .logoutSuccessUrl(Constants.LOGOUT_URL) + .logoutSuccessUrl(Page.LOGOUT) .invalidateHttpSession(true) .clearAuthentication(true) .deleteCookies(Constants.COOKIES_NAME) @@ -191,79 +192,4 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { throw new BeanInitializationException("Security configuration failed", e); } } - - /* @Override - protected void configure(HttpSecurity http) throws Exception { - http.csrf() - .disable(); - if (applicationProperties.isDevMode()) { - log.debug("Security disabled"); - http.authorizeRequests() - .anyRequest() - .permitAll(); - http.anonymous() - .principal("admin") - .authorities(UserRoleConstants.ADMIN); - } else { - log.debug("Security enabled"); - http.authorizeRequests() - .antMatchers(UserController.ACTIVATE_URL).permitAll() - .antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll() - .antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll() - .antMatchers("/users/block").permitAll() - .antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll() - .antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll() - .antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll() - .antMatchers(UserController.URL + UserController.PASSWORD_RESET_URL).permitAll() - .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN) - .anyRequest().authenticated() - .and() - .formLogin() - .loginPage("/login.xhtml") - .successHandler(authenticationSuccessHandler) - .failureHandler(authenticationFailureHandler) - .permitAll() - .and() - .logout() - .logoutSuccessHandler(logoutSuccessHandler) - .logoutSuccessUrl(Constants.LOGOUT_URL) - .invalidateHttpSession(false) - .clearAuthentication(true) - .deleteCookies(Constants.COOKIES_NAME) - .permitAll(); - } - if (applicationProperties.isUseHttps()) { - http.portMapper() - .http(httpPort) - .mapsTo(httpsPort) - .and() - .requiresChannel() - .anyRequest() - .requiresSecure(); - } - - } - - @Override - public void configure(WebSecurity web) { - web.ignoring() - .antMatchers("/css/**") - .antMatchers("/javax.faces.resource/**") - .antMatchers("/js/**") - .antMatchers("/templates/**") - .antMatchers("/webjars/**") - .antMatchers("/img/**"); - } - - @Autowired - public void configureGlobal(AuthenticationManagerBuilder auth) { - if (applicationProperties.isDevMode()) { - return; - } - try { - auth.userDetailsService(userService).passwordEncoder(bCryptPasswordEncoder); - } catch (Exception e) { - throw new BeanInitializationException("Security configuration failed", e); - } - }*/ }