Revision 57650
Added by Michele Artini over 4 years ago
WebSecurityConfig.java | ||
---|---|---|
33 | 33 |
.authorizeRequests() |
34 | 34 |
.antMatchers("/", "/api/**") |
35 | 35 |
.hasAnyRole(OpenOrgsConstants.userRole, OpenOrgsConstants.superUserRole) |
36 |
.antMatchers("/public_api/**") |
|
37 |
.hasRole(OpenOrgsConstants.notAuthorizedRole) |
|
36 | 38 |
.antMatchers("/resources/**", "/webjars/**", "/public_api/**") |
37 | 39 |
.permitAll() |
38 | 40 |
.anyRequest() |
... | ... | |
56 | 58 |
.usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the user should |
57 | 59 |
// be authenticated using the openaire |
58 | 60 |
// credentials |
59 |
.authoritiesByUsernameQuery("with const as (SELECT ? as email) select c.email, coalesce(u.role, 'UNAUTHORIZED') from const c left outer join users u on (u.email = c.email)");
|
|
61 |
.authoritiesByUsernameQuery("with const as (SELECT ? as email) select c.email, 'ROLE_'||coalesce(u.role, 'NOTAUTHORIZED') from const c left outer join users u on (u.email = c.email)");
|
|
60 | 62 |
} |
61 | 63 |
|
62 | 64 |
@Bean |
Also available in: Unified diff
new registration form