Rev 216 | Rev 224 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 216 | Rev 218 | ||
|---|---|---|---|
| Line 13... | Line 13... | ||
| 13 | 13 | ||
| 14 | @Configuration |
14 | @Configuration |
| 15 | @EnableWebSecurity |
15 | @EnableWebSecurity |
| 16 | public class SecurityConfig extends WebSecurityConfigurerAdapter { |
16 | public class SecurityConfig extends WebSecurityConfigurerAdapter { |
| 17 | 17 | ||
| 18 | @Autowired |
- | |
| 19 | private UserDetailsService userDetailsService; |
- | |
| - | 18 | // @Autowired
|
|
| - | 19 | // private UserDetailsService userDetailsService;
|
|
| - | 20 | ||
| - | 21 | // @Autowired
|
|
| - | 22 | // private SistemaAuthenticationProvider sistemaAuthenticationProvider;
|
|
| 20 | 23 | ||
| 21 | @Override |
- | |
| 22 | protected void configure(AuthenticationManagerBuilder auth) throws Exception { |
- | |
| - | 24 | // @Override
|
|
| - | 25 | // protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
| - | 26 | // auth.authenticationProvider(sistemaAuthenticationProvider);
|
|
| - | 27 | // auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
|
|
| - | 28 | /*
|
|
| 23 | auth.inMemoryAuthentication() |
29 | auth.inMemoryAuthentication()
|
| 24 | .passwordEncoder(passwordEncoder()) |
30 | .passwordEncoder(passwordEncoder())
|
| 25 | .withUser("user").password(passwordEncoder().encode("123456")).roles("USER") |
31 | .withUser("user").password(passwordEncoder().encode("123456")).roles("USER")
|
| 26 | .and() |
32 | .and()
|
| 27 | .withUser("admin").password(passwordEncoder().encode("123456")).roles("USER", "ADMIN") |
33 | .withUser("admin").password(passwordEncoder().encode("123456")).roles("USER", "ADMIN")
|
| 28 | .and() |
34 | .and()
|
| 29 | .withUser("bruno").password(passwordEncoder().encode("brunolp0910")).roles("USER", "ADMIN"); |
35 | .withUser("bruno").password(passwordEncoder().encode("brunolp0910")).roles("USER", "ADMIN");
|
| 30 | // auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
|
- | |
| 31 | }
|
- | |
| - | 36 | */
|
|
| - | 37 | // }
|
|
| 32 | 38 | ||
| 33 | @Bean |
39 | @Bean |
| 34 | public PasswordEncoder passwordEncoder() { |
40 | public PasswordEncoder passwordEncoder() { |
| 35 | return new BCryptPasswordEncoder(); |
41 | return new BCryptPasswordEncoder(); |
| 36 | }
|
42 | }
|
| 37 | 43 | ||
| 38 | @Override |
44 | @Override |
| 39 | protected void configure(HttpSecurity http) throws Exception { |
45 | protected void configure(HttpSecurity http) throws Exception { |
| 40 | http.authorizeRequests() |
46 | http.authorizeRequests() |
| 41 | .antMatchers("/sistema/login").permitAll() |
- | |
| 42 | // .antMatchers("/sistema/**").authenticated()
|
- | |
| - | 47 | .antMatchers("/sistema/login**").permitAll() |
|
| - | 48 | .antMatchers("/sistema/**").authenticated() |
|
| 43 | // .anyRequest().authenticated()
|
49 | // .anyRequest().authenticated()
|
| 44 | // .anyRequest().hasAnyRole("ADMIN", "USER")
|
50 | // .anyRequest().hasAnyRole("ADMIN", "USER")
|
| 45 | .and().authorizeRequests() |
51 | .and().authorizeRequests() |
| 46 | .antMatchers("/sistema/login").permitAll() |
- | |
| 47 | .and() |
52 | .and() |
| 48 | .formLogin() |
53 | .formLogin() |
| 49 | .loginPage("/sistema/login.xhtml") |
54 | .loginPage("/sistema/login.xhtml") |
| 50 | .defaultSuccessUrl("/sistema/home.xhtml") |
55 | .defaultSuccessUrl("/sistema/home.xhtml") |
| 51 | .failureUrl("/sistema/login.xhtml?error=true") |
56 | .failureUrl("/sistema/login.xhtml?error=true") |
| 52 | .loginProcessingUrl("/loginAcao").permitAll() |
57 | .loginProcessingUrl("/loginAcao").permitAll() |
| 53 | .and() |
58 | .and() |
| 54 | .logout().logoutSuccessUrl("/sistema/login.xhtml?logout=true").invalidateHttpSession(true).permitAll() |
- | |
| - | 59 | .logout().logoutUrl("/sistema_security_logout").logoutSuccessUrl("/sistema/login.xhtml?logout=true").invalidateHttpSession(true).permitAll() |
|
| 55 | .and().csrf().disable(); |
60 | .and().csrf().disable(); |
| - | 61 | // <logout logout-url="/sistema_security_logout" logout-success-url="/sistema/index.xhtml"/>
|
|
| 56 | /*
|
62 | /*
|
| 57 | http.authorizeRequests()
|
63 | http.authorizeRequests()
|
| 58 | .antMatchers("/sistema/mega").permitAll()
|
64 | .antMatchers("/sistema/mega").permitAll()
|
| 59 | .antMatchers("/sistema/home").permitAll()
|
65 | .antMatchers("/sistema/home").permitAll()
|
| 60 | .antMatchers("/sistema/login").permitAll()
|
66 | .antMatchers("/sistema/login").permitAll()
|