Subversion Repositories Integrator Subversion

Rev

Rev 218 | Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
216 espaco 1 
package br.com.ec.controller.seguranca;
2 
 
3 
import org.springframework.beans.factory.annotation.Autowired;
4 
import org.springframework.context.annotation.Bean;
5 
import org.springframework.context.annotation.Configuration;
6 
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
7 
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
8 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
9 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
10 
import org.springframework.security.core.userdetails.UserDetailsService;
11 
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
12 
import org.springframework.security.crypto.password.PasswordEncoder;  
13 
 
14 
@Configuration
15 
@EnableWebSecurity
16 
public class SecurityConfig extends WebSecurityConfigurerAdapter {
17 
 
18 
    @Autowired
19 
    private UserDetailsService userDetailsService;
20 
 
21 
    @Override
22 
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
23 
        auth.inMemoryAuthentication()
24 
        .passwordEncoder(passwordEncoder())
25 
        .withUser("user").password(passwordEncoder().encode("123456")).roles("USER")
26 
        .and()
27 
        .withUser("admin").password(passwordEncoder().encode("123456")).roles("USER", "ADMIN")
28 
        .and()
29 
        .withUser("bruno").password(passwordEncoder().encode("brunolp0910")).roles("USER", "ADMIN");
30 
//      auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
31 
    }
32 
 
33 
    @Bean
34 
    public PasswordEncoder passwordEncoder() {
35 
        return new BCryptPasswordEncoder();
36 
    }
37 
 
38 
    @Override
39 
    protected void configure(HttpSecurity http) throws Exception {
40 
        http.authorizeRequests()
41 
        .antMatchers("/sistema/login").permitAll()
42 
//      .antMatchers("/sistema/**").authenticated()
43 
//      .anyRequest().authenticated()
44 
//              .anyRequest().hasAnyRole("ADMIN", "USER")
45 
                .and().authorizeRequests()
46 
                .antMatchers("/sistema/login").permitAll()
47 
                .and()
48 
                        .formLogin()
49 
                        .loginPage("/sistema/login.xhtml")
50 
                        .defaultSuccessUrl("/sistema/home.xhtml")
51 
                        .failureUrl("/sistema/login.xhtml?error=true")
52 
                        .loginProcessingUrl("/loginAcao").permitAll()
53 
                .and()
54 
                        .logout().logoutSuccessUrl("/sistema/login.xhtml?logout=true").invalidateHttpSession(true).permitAll()
55 
                .and().csrf().disable();
56 
        /*
57 
        http.authorizeRequests()
58 
        .antMatchers("/sistema/mega").permitAll()
59 
        .antMatchers("/sistema/home").permitAll()
60 
        .antMatchers("/sistema/login").permitAll()
61 
        .antMatchers("/sistema/**").hasAnyRole("ADMIN", "USER")
62 
        //.antMatchers("/sistema/**").authenticated()
63 
        .and()
64 
            .formLogin()
65 
            .loginPage("/sistema/login.xhtml")
66 
            .defaultSuccessUrl("/sistema/home.xhtml")
67 
            .failureUrl("/sistema/login.xhtml?error=true")
68 
            .permitAll()
69 
        .and()
70 
            .logout()
71 
            .logoutSuccessUrl("/sistema/login.xhtml?logout=true")
72 
            .invalidateHttpSession(true)
73 
            .permitAll()
74 
        .and()
75 
            .csrf()
76 
            .disable();
77 
        */
78 
    }
79 
 
80 
}