Untitled
unknown
plain_text
a year ago
2.9 kB
3
Indexable
Never
package springMVC.mvcSpring.config; import lombok.RequiredArgsConstructor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.SecurityFilterChain; import springMVC.mvcSpring.service.AuthenticationService; @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @RequiredArgsConstructor public class SecurityConfig { @Autowired private AuthenticationService authenticationService; @Bean public WebSecurityCustomizer webSecurityCustomizer() { return (web) -> web.ignoring().antMatchers( "/signup"); } @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class); authenticationManagerBuilder.authenticationProvider(this.authenticationService); AuthenticationManager authenticationManager = authenticationManagerBuilder.build(); http.csrf().disable().cors().disable().authorizeHttpRequests().antMatchers("/signup").permitAll() .anyRequest().authenticated() .and() .authenticationManager(authenticationManager) .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); http.formLogin() .loginPage("/login") .permitAll(); http.formLogin() .defaultSuccessUrl("/chat", true); return http.build(); } // @Override // protected void configure(HttpSecurity http) throws Exception { // http.authorizeRequests() // .antMatchers("/signup", "/css/**", "/js/**").permitAll() // .anyRequest().authenticated(); // // http.formLogin() // .loginPage("/login") // .permitAll(); // // http.formLogin() // .defaultSuccessUrl("/chat", true); // } }