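/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package cn.net.withub.demo.bootsec.hello.config;

import cn.net.withub.demo.bootsec.hello.security.CustomAccessDecisionManager;
import cn.net.withub.demo.bootsec.hello.security.CustomAuthenticationProvider;
import cn.net.withub.demo.bootsec.hello.security.CustomFilterInvocationSecurityMetadataSource;
import cn.net.withub.demo.bootsec.hello.security.CustomSecurityFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

/**
 * Web security configuration for the demo application.
 *
 * <p>Declares the URL authorization rules, the form-login and logout endpoints, the paths
 * that bypass Spring Security, and the authentication sources (an in-memory demo account
 * plus {@link CustomAuthenticationProvider}).
 *
 * <p>NOTE(review): {@code @EnableWebMvcSecurity} is deprecated as of Spring Security 4.0 in
 * favour of {@code @EnableWebSecurity}; the version in use is not visible here, so confirm
 * before switching.
 *
 * @author Diluka
 */
@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Exposes the {@link AuthenticationManager} built by this configuration as a bean so that
     * other components can inject it.
     *
     * @return the authentication manager provided by the superclass
     * @throws Exception if the superclass fails to build the manager
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Creates the project's custom authentication provider.
     *
     * @return a new {@link CustomAuthenticationProvider}
     */
    @Bean
    public AuthenticationProvider authenticationProvider() {
        return new CustomAuthenticationProvider();
    }

    /**
     * Configures URL authorization, form login, logout and the access-denied page.
     *
     * <p>Matchers are evaluated in declaration order, so the specific rules must stay above
     * {@code anyRequest()}.
     *
     * @param http the security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                // Public landing pages.
                .antMatchers("/", "/home").permitAll()
                // Everything under /admin/ requires the ADMIN role (authority ROLE_ADMIN).
                .antMatchers("/admin/**").hasRole("ADMIN")
                // Every other URL requires an authenticated user.
                .anyRequest().authenticated()
                // Form login: with Java config the credentials are POSTed to /login
                // using the "username" and "password" parameters.
                .and().formLogin()
                // GET /login renders the login page; permitAll() keeps the form-login
                // URLs reachable for unauthenticated users.
                .loginPage("/login").permitAll()
                // Logout is reachable by everyone.
                .and().logout().permitAll()
                // Authenticated users lacking the required role are sent to /error.html.
                .and().exceptionHandling().accessDeniedPage("/error.html");
    }

    /**
     * Excludes static resources from Spring Security.
     *
     * <p>Requests matching these patterns skip the security filter chain entirely, so no
     * authentication or authorization rule applies to them. Only public static assets
     * should live under these paths.
     *
     * @param web the web security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**", "/js/**", "/css/**", "/image/**");
    }

    /**
     * Registers the authentication sources: an in-memory account and the custom provider.
     *
     * <p>NOTE(security): the in-memory account uses the hard-coded credential
     * {@code admin}/{@code admin}, holds the role that guards {@code /admin/**}, and has no
     * {@code passwordEncoder(...)} configured on its builder. Because it is registered
     * alongside the custom provider, it stays usable regardless of what
     * {@link CustomAuthenticationProvider} enforces. Treat it as demo-only: remove it or load
     * the credential from external configuration before any real deployment.
     *
     * @param auth the authentication manager builder to populate
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        // roles() adds the ROLE_ prefix, so this user is granted ROLE_ADMIN and ROLE_A.
        auth.inMemoryAuthentication().withUser("admin").password("admin").roles("ADMIN", "A");
        // Additional, project-specific authentication source.
        auth.authenticationProvider(authenticationProvider());
    }

    /**
     * Provides an MD5 password encoder bean.
     *
     * <p>NOTE(security): MD5 is a fast digest and is not suitable for storing passwords; an
     * adaptive scheme such as {@code BCryptPasswordEncoder} is the usual replacement. The
     * bean type is kept here because its consumers are not visible in this file (presumably
     * {@link CustomAuthenticationProvider} - confirm before migrating, since stored hashes
     * must be re-encoded).
     *
     * @return a new {@link Md5PasswordEncoder}
     */
    @Bean
    public Md5PasswordEncoder md5PasswordEncoder() {
        return new Md5PasswordEncoder();
    }

    /**
     * Creates the project's custom security filter.
     *
     * <p>NOTE(review): this class never adds the filter to the {@link HttpSecurity} chain, so
     * how it is wired is not visible here. If it implements {@code javax.servlet.Filter} and
     * the application runs on Spring Boot, it is presumably registered for every request,
     * including the paths excluded in {@link #configure(WebSecurity)} - confirm.
     *
     * @return a new {@link CustomSecurityFilter}
     */
    @Bean
    public CustomSecurityFilter securityFilter() {
        return new CustomSecurityFilter();
    }

    /**
     * Creates the custom security metadata source.
     *
     * @return a new {@link CustomFilterInvocationSecurityMetadataSource}
     */
    @Bean
    public CustomFilterInvocationSecurityMetadataSource securityMetadataSource() {
        return new CustomFilterInvocationSecurityMetadataSource();
    }

    /**
     * Creates the custom access decision manager.
     *
     * @return a new {@link CustomAccessDecisionManager}
     */
    @Bean
    public CustomAccessDecisionManager accessDecisionManager() {
        return new CustomAccessDecisionManager();
    }

//    @Bean
//    public AuthenticationEntryPoint ajaxAuthenticationEntryPoint() {
//        return new AuthenticationEntryPoint() {
//            @Override
//            public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
//                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
//            }
//        };
//    }
//
//    @Bean
//    public RequestMatcher ajaxRequestMatcher() {
//        return new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest");
//    }
}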