version 1.0.0

This commit is contained in:
_Bastler 2021-11-05 18:25:09 +01:00
parent 6d4818943a
commit 2a646b0ece
2 changed files with 25 additions and 13 deletions

View File

@ -10,7 +10,7 @@
<properties> <properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>11</java.version> <java.version>11</java.version>
<revision>0.5.0-SNAPSHOT</revision> <revision>1.0.0</revision>
</properties> </properties>
<parent> <parent>

View File

@ -3,6 +3,8 @@
*/ */
package de.bstly.board.security; package de.bstly.board.security;
import java.util.Collections;
import javax.sql.DataSource; import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -22,10 +24,14 @@ import org.springframework.security.web.authentication.rememberme.JdbcTokenRepos
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices; import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository; import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import com.google.common.collect.Lists;
import de.bstly.board.businesslogic.UserManager; import de.bstly.board.businesslogic.UserManager;
/** /**
* The Class SecurityConfig. * The Class SecurityConfig.
*/ */
@ -33,29 +39,21 @@ import de.bstly.board.businesslogic.UserManager;
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
private UserManager localUserManager; private UserManager localUserManager;
@Autowired @Autowired
private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler; private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler;
@Autowired @Autowired
private DataSource dataSource; private DataSource dataSource;
@Value("${loginUrl:/login}") @Value("${loginUrl:/login}")
private String loginUrl; private String loginUrl;
@Value("${loginTargetUrl:/}") @Value("${loginTargetUrl:/}")
private String loginTargetUrl; private String loginTargetUrl;
/* /*
* @see org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.web.builders.HttpSecurity) * @see org.springframework.security.config.annotation.web.configuration.
* WebSecurityConfigurerAdapter#configure(org.springframework.security.config.
* annotation.web.builders.HttpSecurity)
*/ */
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
@ -66,6 +64,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
http http
// crsf // crsf
.csrf().disable() .csrf().disable()
// cors
// .cors().configurationSource(corsConfigurationSource()).and()
// anonymous // anonymous
.anonymous().disable() .anonymous().disable()
// login // login
@ -126,4 +126,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
return rememberMeServices; return rememberMeServices;
} }
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOriginPatterns(Lists.newArrayList("localhost", "http://localhost",
"http://localhost:4200", "https://board.bstly.lh8.de"));
configuration.setAllowedMethods(Collections.singletonList("*"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Collections.singletonList("*"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
} }