steleks-university-project
/
steleks_backend
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-07-05. You can view files and clone it, but cannot push or open issues/pull-requests.
steleks_backend/steleks-proxy/src/main/java/ba/steles/security/SecurityConfig.java

38 lines
1.6 KiB
Java
Raw Blame History

package ba.steles.security;/**
* Created by ensar on 16/05/17.
*/
import ba.steles.service.discovery.ServiceDiscoveryClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
@EnableWebSecurity
@ComponentScan("org.baeldung.security")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private RestTemplateBuilder restTemplateBuilder;
@Autowired
private ServiceDiscoveryClient discoveryClient;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/users/**", "/users", "/").permitAll()
.antMatchers("/users/users", "/users/users/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.addFilterBefore(new AuthenticationFilter(restTemplateBuilder.build(), discoveryClient), UsernamePasswordAuthenticationFilter.class);
}
}
Reference in New Issue View Git Blame Copy Permalink