Java tutorial
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ package net.indialend.attendance.conf; import javax.sql.DataSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired DataSource dataSource; @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser("indialend").password("123456").roles("USER"); // auth.jdbcAuthentication().dataSource(dataSource) // .usersByUsernameQuery( // "select user,pwd, enable from users where user=?") // .authoritiesByUsernameQuery( // "select user, role from user_roles where user=?"); } //.csrf() is optional, enabled by default, if using WebSecurityConfigurerAdapter constructor @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/branch/**").access("hasRole('ROLE_USER')").antMatchers("/staff/**") .access("hasRole('ROLE_USER')").and().formLogin().loginPage("/index").failureUrl("/index?error") .defaultSuccessUrl("/branch/list").usernameParameter("username").passwordParameter("password").and() .logout().logoutUrl("/logout").logoutSuccessUrl("/index?logout").and().csrf().disable(); } }