version 1.0.0
This commit is contained in:
parent
6d4818943a
commit
2a646b0ece
2
pom.xml
2
pom.xml
@ -10,7 +10,7 @@
|
|||||||
<properties>
|
<properties>
|
||||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
<java.version>11</java.version>
|
<java.version>11</java.version>
|
||||||
<revision>0.5.0-SNAPSHOT</revision>
|
<revision>1.0.0</revision>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<parent>
|
<parent>
|
||||||
|
@ -3,6 +3,8 @@
|
|||||||
*/
|
*/
|
||||||
package de.bstly.board.security;
|
package de.bstly.board.security;
|
||||||
|
|
||||||
|
import java.util.Collections;
|
||||||
|
|
||||||
import javax.sql.DataSource;
|
import javax.sql.DataSource;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@ -22,10 +24,14 @@ import org.springframework.security.web.authentication.rememberme.JdbcTokenRepos
|
|||||||
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
|
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
|
||||||
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
|
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
import org.springframework.web.cors.CorsConfiguration;
|
||||||
|
import org.springframework.web.cors.CorsConfigurationSource;
|
||||||
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||||
|
|
||||||
|
import com.google.common.collect.Lists;
|
||||||
|
|
||||||
import de.bstly.board.businesslogic.UserManager;
|
import de.bstly.board.businesslogic.UserManager;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Class SecurityConfig.
|
* The Class SecurityConfig.
|
||||||
*/
|
*/
|
||||||
@ -33,29 +39,21 @@ import de.bstly.board.businesslogic.UserManager;
|
|||||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private UserManager localUserManager;
|
private UserManager localUserManager;
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler;
|
private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler;
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private DataSource dataSource;
|
private DataSource dataSource;
|
||||||
|
|
||||||
|
|
||||||
@Value("${loginUrl:/login}")
|
@Value("${loginUrl:/login}")
|
||||||
private String loginUrl;
|
private String loginUrl;
|
||||||
|
|
||||||
|
|
||||||
@Value("${loginTargetUrl:/}")
|
@Value("${loginTargetUrl:/}")
|
||||||
private String loginTargetUrl;
|
private String loginTargetUrl;
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* @see org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.web.builders.HttpSecurity)
|
* @see org.springframework.security.config.annotation.web.configuration.
|
||||||
|
* WebSecurityConfigurerAdapter#configure(org.springframework.security.config.
|
||||||
|
* annotation.web.builders.HttpSecurity)
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
@ -66,6 +64,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||||||
http
|
http
|
||||||
// crsf
|
// crsf
|
||||||
.csrf().disable()
|
.csrf().disable()
|
||||||
|
// cors
|
||||||
|
// .cors().configurationSource(corsConfigurationSource()).and()
|
||||||
// anonymous
|
// anonymous
|
||||||
.anonymous().disable()
|
.anonymous().disable()
|
||||||
// login
|
// login
|
||||||
@ -126,4 +126,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||||||
return rememberMeServices;
|
return rememberMeServices;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public CorsConfigurationSource corsConfigurationSource() {
|
||||||
|
CorsConfiguration configuration = new CorsConfiguration();
|
||||||
|
configuration.setAllowedOriginPatterns(Lists.newArrayList("localhost", "http://localhost",
|
||||||
|
"http://localhost:4200", "https://board.bstly.lh8.de"));
|
||||||
|
configuration.setAllowedMethods(Collections.singletonList("*"));
|
||||||
|
configuration.setAllowCredentials(true);
|
||||||
|
configuration.setAllowedHeaders(Collections.singletonList("*"));
|
||||||
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||||
|
source.registerCorsConfiguration("/**", configuration);
|
||||||
|
return source;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user