Java tutorial
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ package aka.pirana.springsecurity.config; import javax.sql.DataSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; /** * * @author aka */ @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private DataSource dataSource; @Autowired private CustomUserDetailsService customUserDetailsService; @Override protected void configure(HttpSecurity http) throws Exception { System.out.println("aka.pirana.springsecurity.config.SecurityConfig.configure(http)"); http.csrf().disable().authorizeRequests().antMatchers("/login", "/login/form**", "/register", "/logout") .permitAll().antMatchers("/admin", "/admin/**").hasRole("ADMIN").anyRequest().authenticated().and() .formLogin().loginPage("/login/form").loginProcessingUrl("/login").failureUrl("/login/form?error") .permitAll(); } @Override public void configure(WebSecurity web) throws Exception { System.out.println("aka.pirana.springsecurity.config.SecurityConfig.configure(web)"); web.ignoring().antMatchers("/resources/**"); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { System.out.println("aka.pirana.springsecurity.config.SecurityConfig.configure(auth)"); auth.userDetailsService(customUserDetailsService); } }