Revision 57646
Added by Michele Artini over 4 years ago
WebSecurityConfig.java | ||
---|---|---|
28 | 28 |
@Override |
29 | 29 |
protected void configure(final HttpSecurity http) throws Exception { |
30 | 30 |
|
31 |
http.csrf().disable() |
|
31 |
http.csrf() |
|
32 |
.disable() |
|
32 | 33 |
.authorizeRequests() |
33 |
.antMatchers("/", "/api/**").hasAnyRole(OpenOrgsConstants.userRole, OpenOrgsConstants.superUserRole) |
|
34 |
.antMatchers("/resources/**", "/webjars/**", "/public_api/**").permitAll() |
|
35 |
.anyRequest().authenticated() |
|
34 |
.antMatchers("/", "/api/**") |
|
35 |
.hasAnyRole(OpenOrgsConstants.userRole, OpenOrgsConstants.superUserRole) |
|
36 |
.antMatchers("/resources/**", "/webjars/**", "/public_api/**") |
|
37 |
.permitAll() |
|
38 |
.anyRequest() |
|
39 |
.authenticated() |
|
36 | 40 |
.and() |
37 | 41 |
.formLogin() |
38 | 42 |
.loginPage("/login") |
... | ... | |
41 | 45 |
.logout() |
42 | 46 |
.permitAll() |
43 | 47 |
.and() |
44 |
.exceptionHandling().accessDeniedHandler(accessDeniedHandler); |
|
48 |
.exceptionHandling() |
|
49 |
.accessDeniedHandler(accessDeniedHandler); |
|
45 | 50 |
} |
46 | 51 |
|
47 | 52 |
@Autowired |
48 | 53 |
public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception { |
49 |
auth.jdbcAuthentication().dataSource(dataSource) |
|
50 |
.usersByUsernameQuery("select email, password, valid from users where email=? and valid=true and role != 'PENDING'") |
|
51 |
.authoritiesByUsernameQuery("select email, 'ROLE_'||role from users where email=? and valid=true and role != 'PENDING'"); |
|
54 |
auth.jdbcAuthentication() |
|
55 |
.dataSource(dataSource) |
|
56 |
.usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the user should |
|
57 |
// be authenticated using the openaire |
|
58 |
// credentials |
|
59 |
.authoritiesByUsernameQuery("with const as (SELECT ? as email) select c.email, coalesce(u.role, 'UNAUTHORIZED') from const c left outer join users u on (u.email = c.email)"); |
|
52 | 60 |
} |
53 | 61 |
|
54 | 62 |
@Bean |
Also available in: Unified diff