diff --git a/pom.xml b/pom.xml
index 1b8132d..6e03d4e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.7.6
+ 3.0.2
com.cb
@@ -25,10 +25,6 @@
org.springframework.boot
spring-boot-starter-data-jpa
-
- org.springframework.boot
- spring-boot-starter-validation
-
org.springframework.boot
spring-boot-starter-security
@@ -37,18 +33,17 @@
org.springframework.boot
spring-boot-starter-thymeleaf
+
+ org.springframework.boot
+ spring-boot-starter-validation
+
org.springframework.boot
spring-boot-starter-web
org.thymeleaf.extras
- thymeleaf-extras-springsecurity5
-
-
- org.projectlombok
- lombok
- true
+ thymeleaf-extras-springsecurity6
org.springframework.boot
@@ -61,6 +56,11 @@
mysql-connector-j
runtime
+
+ org.projectlombok
+ lombok
+ true
+
org.springframework.boot
spring-boot-starter-test
@@ -72,14 +72,20 @@
test
-
org.springframework.boot
spring-boot-maven-plugin
+
+
+
+ org.projectlombok
+ lombok
+
+
+
-
-
+
\ No newline at end of file
diff --git a/src/main/java/com/cb/conf/SpringSecurity.java b/src/main/java/com/cb/conf/SpringSecurity.java
index fa1210b..74b81b3 100644
--- a/src/main/java/com/cb/conf/SpringSecurity.java
+++ b/src/main/java/com/cb/conf/SpringSecurity.java
@@ -7,7 +7,6 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@Configuration
@EnableWebSecurity
@@ -18,28 +17,24 @@ public class SpringSecurity {
return new BCryptPasswordEncoder();
}
- // configure SecurityFilterChain
@Bean
- public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf().disable()
- .authorizeRequests()
- .antMatchers("/registration/**").permitAll()
- .antMatchers("/login/**").permitAll()
- .antMatchers("/user/**").hasAnyRole("USER", "ADMIN")
- .antMatchers("/admin/**").hasAnyRole("ADMIN")
- .and()
- .formLogin(
- form -> form
- .loginPage("/login")
- .loginProcessingUrl("/login")
- .defaultSuccessUrl("/user/")
- .permitAll()
- ).logout(
- logout -> logout
- .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
- .permitAll()
-
- );
+ .authorizeHttpRequests((requests) -> requests
+ .requestMatchers("/registration/**").permitAll()
+ .requestMatchers("/login/**").permitAll()
+ .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
+ .requestMatchers("/admin/**").hasAnyRole("ADMIN")
+ .anyRequest().authenticated()
+ )
+ .formLogin((form) -> form
+ .loginPage("/login")
+ .loginProcessingUrl("/login")
+ .defaultSuccessUrl("/user/")
+ .permitAll()
+ )
+ .logout((logout) -> logout.permitAll())
+ .exceptionHandling().accessDeniedPage("/access-denied");
return http.build();
}
}
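Review bot: `http.csrf().disable()` is carried over unchanged at the top of `securityFilterChain`, so the form login and the authenticated `/user/**` and `/admin/**` areas still run without CSRF protection after the migration. Nothing visible in this diff requires it to be off; I would drop that call so the chain starts with `http.authorizeHttpRequests((requests) -> requests`, and rely on Thymeleaf to emit the token for forms that use `th:action` (the templates are not part of this diff, so that needs checking). With CSRF enabled the default logout only accepts POST, so a plain `/logout` link would have to become a small form. The added `.anyRequest().authenticated()` is a sensible tightening, but confirm that any static assets the login and registration pages load are still reachable before authentication.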
diff --git a/src/main/java/com/cb/controller/LoginController.java b/src/main/java/com/cb/controller/LoginController.java
index 1050e98..2d60e6d 100644
--- a/src/main/java/com/cb/controller/LoginController.java
+++ b/src/main/java/com/cb/controller/LoginController.java
@@ -3,6 +3,7 @@ package com.cb.controller;
import com.cb.dto.UserDto;
import com.cb.model.User;
import com.cb.service.UserService;
+import jakarta.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
@@ -12,8 +13,6 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
-import javax.validation.Valid;
-
@Controller
public class LoginController {
diff --git a/src/main/java/com/cb/dto/UserDto.java b/src/main/java/com/cb/dto/UserDto.java
index b781bbe..b2df0f1 100644
--- a/src/main/java/com/cb/dto/UserDto.java
+++ b/src/main/java/com/cb/dto/UserDto.java
@@ -1,13 +1,12 @@
package com.cb.dto;
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotEmpty;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
-import javax.validation.constraints.Email;
-import javax.validation.constraints.NotEmpty;
-
@Getter
@Setter
@NoArgsConstructor
diff --git a/src/main/java/com/cb/model/Role.java b/src/main/java/com/cb/model/Role.java
index 92c4e20..ca30ed3 100644
--- a/src/main/java/com/cb/model/Role.java
+++ b/src/main/java/com/cb/model/Role.java
@@ -1,11 +1,11 @@
package com.cb.model;
+import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
-import javax.persistence.*;
import java.util.ArrayList;
import java.util.List;
diff --git a/src/main/java/com/cb/model/User.java b/src/main/java/com/cb/model/User.java
index 584d528..7d3b426 100644
--- a/src/main/java/com/cb/model/User.java
+++ b/src/main/java/com/cb/model/User.java
@@ -1,11 +1,11 @@
package com.cb.model;
+import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
-import javax.persistence.*;
import java.util.ArrayList;
import java.util.List;
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
deleted file mode 100644
index 54e24fb..0000000
--- a/src/main/resources/application.properties
+++ /dev/null
@@ -1,15 +0,0 @@
-# JPA
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
-spring.jpa.hibernate.ddl-auto=update
-# Connection Pool
-spring.datasource.hikari.connection-timeout=20000
-spring.datasource.hikari.minimum-idle=10
-spring.datasource.hikari.maximum-pool-size=10
-spring.datasource.hikari.idle-timeout=10000
-spring.datasource.hikari.max-lifetime=1000
-spring.datasource.hikari.auto-commit=true
-# MySql
-spring.datasource.url=jdbc:mysql://localhost/spring-security-form-login
-spring.datasource.username=root
-spring.datasource.password=root
-
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
new file mode 100644
index 0000000..67bb650
--- /dev/null
+++ b/src/main/resources/application.yml
@@ -0,0 +1,25 @@
+# JPA
+spring:
+ jpa:
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.MySQL5InnoDBDialect
+ ddl-auto: update
+ # MySql
+ datasource:
+ url: jdbc:mysql://localhost/spring-security-form-login
+ username: root
+ password: root
+ # Connection Pool
+ hikari:
+ connection-timeout: 20000
+ minimum-idle: 10
+ maximum-pool-size: 10
+ idle-timeout: 10000
+ max-lifetime: 1000
+ auto-commit: true
+
+
+
+
+
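Review bot: The new `application.yml` commits the database credentials in clear text and connects as `root` with the password `root`, carried over from the deleted properties file. Read them from the environment instead, e.g. `username: ${DB_USERNAME}` and `password: ${DB_PASSWORD}` (placeholder variable names), and give the application its own MySQL account limited to this schema rather than the server's root account. Also check where `ddl-auto: update` sits: the old key was `spring.jpa.hibernate.ddl-auto`, and here it follows `dialect:` under `properties:` / `hibernate:`. The page has lost the indentation so I cannot confirm the nesting, but if it ends up under `spring.jpa.properties.hibernate` it will no longer be read as the schema-generation setting.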