move security content from spring-security-rest-full (#2731)

* move security content from spring-security-rest-full * swagger update
2017-10-22 19:35:08 +03:00
parent e7252f61aa
commit 3ed7609758
41 changed files with 419 additions and 230 deletions
--- a/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java
+++ b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java
@@ -1,10 +1,13 @@
 package org.baeldung.spring;

 import org.baeldung.security.MySavedRequestAwareAuthenticationSuccessHandler;
+import org.baeldung.web.error.CustomAccessDeniedHandler;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -13,9 +16,13 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationFa

@Configuration
@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
@ComponentScan("org.baeldung.security")
 public class SecurityJavaConfig extends WebSecurityConfigurerAdapter {

+    @Autowired
+    private CustomAccessDeniedHandler accessDeniedHandler;
+
    // @Autowired
    // private RestAuthenticationEntryPoint restAuthenticationEntryPoint;

@@ -40,14 +47,15 @@ public class SecurityJavaConfig extends WebSecurityConfigurerAdapter {
        .csrf().disable()
        .authorizeRequests()
        .and()
-        .exceptionHandling()
-//        .authenticationEntryPoint(restAuthenticationEntryPoint)
+        .exceptionHandling().accessDeniedHandler(accessDeniedHandler)
+        //        .authenticationEntryPoint(restAuthenticationEntryPoint)
        .and()
        .authorizeRequests()
        .antMatchers("/api/csrfAttacker*").permitAll()
        .antMatchers("/api/customer/**").permitAll()
        .antMatchers("/api/foos/**").authenticated()
        .antMatchers("/api/async/**").permitAll()
+        .antMatchers("/api/admin/**").hasRole("ADMIN")
        .and()
        .httpBasic()
 //        .and()