add entry points (#1413)
This commit is contained in:
lor6
Eugen
@@ -9,6 +9,10 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@@ -31,10 +35,17 @@ public class MultipleEntryPointsSecurityConfig {
|
||||
//@formatter:off
|
||||
http.antMatcher("/admin/**")
|
||||
.authorizeRequests().anyRequest().hasRole("ADMIN")
|
||||
.and().httpBasic()
|
||||
.and().httpBasic().authenticationEntryPoint(authenticationEntryPoint())
|
||||
.and().exceptionHandling().accessDeniedPage("/403");
|
||||
//@formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AuthenticationEntryPoint authenticationEntryPoint(){
|
||||
BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
|
||||
entryPoint.setRealmName("admin realm");
|
||||
return entryPoint;
|
||||
}
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@@ -42,17 +53,31 @@ public class MultipleEntryPointsSecurityConfig {
|
||||
public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
|
||||
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
|
||||
//@formatter:off
|
||||
http.antMatcher("/user/**")
|
||||
.authorizeRequests().anyRequest().hasRole("USER")
|
||||
.and().formLogin().loginPage("/userLogin").loginProcessingUrl("/user/login")
|
||||
.and().formLogin().loginProcessingUrl("/user/login")
|
||||
.failureUrl("/userLogin?error=loginError").defaultSuccessUrl("/user/myUserPage")
|
||||
.and().logout().logoutUrl("/user/logout").logoutSuccessUrl("/multipleHttpLinks")
|
||||
.deleteCookies("JSESSIONID")
|
||||
.and().exceptionHandling().accessDeniedPage("/403")
|
||||
.and().exceptionHandling()
|
||||
.defaultAuthenticationEntryPointFor(loginUrlauthenticationEntryPointWithWarning(), new AntPathRequestMatcher("/user/private/**"))
|
||||
.defaultAuthenticationEntryPointFor(loginUrlauthenticationEntryPoint(), new AntPathRequestMatcher("/user/general/**"))
|
||||
.accessDeniedPage("/403")
|
||||
.and().csrf().disable();
|
||||
//@formatter:on
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AuthenticationEntryPoint loginUrlauthenticationEntryPoint(){
|
||||
return new LoginUrlAuthenticationEntryPoint("/userLogin");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AuthenticationEntryPoint loginUrlauthenticationEntryPointWithWarning(){
|
||||
return new LoginUrlAuthenticationEntryPoint("/userLoginWithWarning");
|
||||
}
|
||||
}
|
||||
|
||||
@Configuration
|
||||
|
||||
@@ -16,10 +16,15 @@ public class PagesController {
|
||||
return "multipleHttpElems/myAdminPage";
|
||||
}
|
||||
|
||||
@RequestMapping("/user/myUserPage")
|
||||
@RequestMapping("/user/general/myUserPage")
|
||||
public String getUserPage() {
|
||||
return "multipleHttpElems/myUserPage";
|
||||
}
|
||||
|
||||
@RequestMapping("/user/private/myPrivateUserPage")
|
||||
public String getPrivateUserPage() {
|
||||
return "multipleHttpElems/myPrivateUserPage";
|
||||
}
|
||||
|
||||
@RequestMapping("/guest/myGuestPage")
|
||||
public String getGuestPage() {
|
||||
@@ -30,6 +35,11 @@ public class PagesController {
|
||||
public String getUserLoginPage() {
|
||||
return "multipleHttpElems/login";
|
||||
}
|
||||
|
||||
@RequestMapping("/userLoginWithWarning")
|
||||
public String getUserLoginPageWithWarning() {
|
||||
return "multipleHttpElems/loginWithWarning";
|
||||
}
|
||||
|
||||
@RequestMapping("/403")
|
||||
public String getAccessDeniedPage() {
|
||||
|
||||
Reference in New Issue
Block a user