Untitled

package com.taiwanlife.tcavmgt.config;

import com.taiwanlife.tcavmgt.entrypoint.MyBasicAuthenticationEntryPoint;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig
{
	@Autowired
	SecurityProperties securityProperties;
	
	@Autowired
	MyBasicAuthenticationEntryPoint  myBasicAuthenticationEntryPoint;
	
    protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception
    {
		http
				.csrf(csrf -> csrf.disable())
				.authorizeRequests()
				.requestMatchers("/swagger-ui.html")
				.authenticated()
				.and()
				.httpBasic(httpBasic -> httpBasic.authenticationEntryPoint(myBasicAuthenticationEntryPoint))
		;
		return http.build();
    }
  
    @Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
	{
		auth
			.inMemoryAuthentication()
			.withUser(securityProperties.getUser().getName())
			.password("{noop}" + securityProperties.getUser().getPassword())
			.roles("ADMIN");
	}
}