A self-hosted chat application with end-to-end encrypted messaging.

package org.ros.chatto;
import org.ros.chatto.security.MyUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserCache;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
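@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    // NOTE(review): this outer class overrides no configure(...) method, so it presumably
    // also registers a third, default-ordered filter chain with Spring's stock rules.
    // FormWebSecurity below has no antMatcher and therefore claims every request that
    // ApiWebSecurity does not, so that default chain should never be reached; the
    // "extends" is kept only so the bean layout stays unchanged for callers.

    // NOTE(review): injected but not referenced by either filter chain below; the form
    // chain currently runs with Spring's default success handler. Confirm whether this
    // should be wired via formLogin().successHandler(...) or the field removed.
    @Autowired
    private AuthenticationSuccessHandler authenticationSuccessHandler;

    @Autowired
    private MyUserDetailsService myUserDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private UserCache userCache;

    /**
     * Builds the DAO-backed {@link AuthenticationProvider} that verifies credentials
     * against {@link MyUserDetailsService} using the configured {@link PasswordEncoder}.
     *
     * <p>Neither nested chain wires this provider explicitly; it is exposed as a bean so
     * Spring Security's global authentication configuration can pick it up (verify against
     * the application context if authentication behaves unexpectedly).
     *
     * @return the configured provider
     */
    @Bean
    public AuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(myUserDetailsService);
        // Cached UserDetails (including the stored hash and roles) outlive later changes to
        // the account until they are evicted -- confirm the cache's TTL/eviction policy.
        provider.setUserCache(userCache);
        provider.setPasswordEncoder(passwordEncoder);
        return provider;
    }

    /**
     * BCrypt encoder used to hash and verify stored passwords.
     *
     * <p>Declared {@code static} presumably so the bean can be instantiated before this
     * configuration object, whose own {@code passwordEncoder} field depends on it.
     *
     * @return a new {@link BCryptPasswordEncoder} with default strength
     */
    @Bean
    public static PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Filter chain for {@code /api/**}: stateless HTTP Basic, every request authenticated,
     * authentication failures reported through {@link RESTAuthenticationEntryPoint}.
     *
     * <p>CSRF protection is off for this chain. That is the usual choice for an API consumed
     * by non-browser clients, but note that a browser which has cached Basic credentials will
     * still replay them on cross-site requests -- confirm the intended clients before
     * exposing state-changing endpoints under {@code /api}.
     */
    @Configuration
    @Order(1)
    public static class ApiWebSecurity extends WebSecurityConfigurerAdapter {

        @Autowired
        private RESTAuthenticationEntryPoint authenticationEntryPoint;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/api/**")
                .csrf().disable()
                // No session is created or used: each request must carry its own credentials.
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests()
                    .anyRequest().authenticated()
                .and()
                .httpBasic().authenticationEntryPoint(authenticationEntryPoint);
        }
    }

    /**
     * Filter chain for the browser UI, i.e. everything not claimed by {@link ApiWebSecurity}.
     *
     * <p>Public: landing page, login/logout and registration endpoints, favicon and static
     * assets. Role-gated: {@code /user/**} for USER/ADMIN/SUPER_USER, {@code /admin/**} for
     * ADMIN/SUPER_USER. Everything else requires an authenticated session established via
     * the form login at {@code /login}, which posts to {@code /perform_login}.
     */
    @Configuration
    @Order(2)
    public static class FormWebSecurity extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            httpSecurity.authorizeRequests()
                // Ant patterns are matched against the request path, which always starts
                // with "/"; a pattern without the leading slash never matches anything.
                .antMatchers("/", "/perform_login", "/logout**", "/favicon.ico", "/login*",
                        "/registration", "/perform_registration", "/css/**", "/js/**", "/img/**")
                    .permitAll()
                .antMatchers("/user/**").hasAnyRole("USER", "ADMIN", "SUPER_USER")
                .antMatchers("/admin/**").hasAnyRole("ADMIN", "SUPER_USER")
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage("/login").permitAll().loginProcessingUrl("/perform_login")
                .and()
                // TODO(security): CSRF protection is disabled on a session-cookie, form-login
                // chain, so a page on another origin can submit state-changing requests with a
                // logged-in browser's session. Spring enables it by default; remove this line
                // and have the front end send the CSRF token once the client supports it.
                .csrf().disable();
        }
    }
}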