Java tutorial
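/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package org.consultjr.mvc.core.config.security;

import javax.sql.DataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Spring Security configuration for the web application.
 *
 * <p>Registers a BCrypt {@link PasswordEncoder}, binds the {@code "UDService"}
 * {@link UserDetailsService} to the authentication manager, excludes {@code /resources/**} from
 * the security filter chain, and declares form login, logout, CSRF protection and the URL
 * authorization rules. Method-level security ({@code @Secured} and the pre/post annotations) is
 * switched on by {@link EnableGlobalMethodSecurity}.
 *
 * @author Rafael
 */
@Configuration
// NOTE(review): @EnableWebMvcSecurity is deprecated since Spring Security 4.0 in favour of
// @EnableWebSecurity; confirm the project's Spring Security version before swapping it.
@EnableWebMvcSecurity
@PropertySource("classpath:application.properties")
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {

    // One logger per class is enough; it is not referenced anywhere in this class yet.
    private static final Logger logger = LoggerFactory.getLogger(ApplicationSecurityConfig.class);

    // Injected but not read by any method of this class.
    @Autowired
    private Environment environment;

    // Injected but not read by any method of this class.
    @Autowired
    private DataSource dataSource;

    // Source of user records (and their granted authorities) for authentication.
    @Autowired
    @Qualifier("UDService")
    private UserDetailsService userDetailsService;

    /**
     * Exposes the password hashing strategy as a bean.
     *
     * @return a {@link BCryptPasswordEncoder} built with its default settings
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Configures authentication to load users through {@link #userDetailsService} and to verify
     * passwords with {@link #passwordEncoder()}.
     *
     * @param auth the authentication manager builder supplied by Spring
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    /**
     * Excludes static resources from the security filter chain.
     *
     * <p>Requests matching {@code /resources/**} bypass Spring Security entirely, so nothing
     * user-specific or user-supplied should be served from under that path.
     *
     * @param web the web security builder supplied by Spring
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Declares form login, logout, CSRF protection, the access-denied page and the URL
     * authorization rules.
     *
     * <p>The {@code antMatchers} rules are evaluated in declaration order and the first match
     * decides, so the {@code permitAll()} group below takes precedence over the later
     * {@code /User/**} admin rule for the paths it lists. {@code hasAuthority} compares the
     * authority string as given, so the {@link UserDetailsService} must grant authorities named
     * exactly {@code "client"} and {@code "admin"}.
     *
     * @param http the HTTP security builder supplied by Spring
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                .loginPage("/login")
                .failureUrl("/login?error")
                .usernameParameter("username")
                .passwordParameter("password")
                .and()
            .logout()
                .logoutSuccessUrl("/login?logout")
                .and()
            // CSRF protection stays enabled; state-changing forms must carry the CSRF token.
            .csrf()
                .and()
            .exceptionHandling()
                .accessDeniedPage("/403")
                .and()
            .authorizeRequests()
                // NOTE(review): permitAll() admits anonymous requests. "/User/edit/**" and
                // "/User/panel/**" are therefore reachable without a login at the URL layer
                // unless the handlers enforce it themselves (e.g. @PreAuthorize); if the intent
                // is "any logged-in user", authenticated() is the tighter rule - confirm.
                // NOTE(review): "/System/install/**" is also open to anonymous requests; confirm
                // the installer refuses to run once the system has been set up.
                .antMatchers("/", "/login/**", "/signup/**", "/about/**", "/support/**", "/contact/**",
                        "/Public/**", // for public content... CMS, Ajax, etc
                        "/System/install/**", "/User/edit/**", "/User/panel/**")
                .permitAll()
                .antMatchers("/Client/**")
                .hasAuthority("client")
                .antMatchers("/Admin/**", "/User/**")
                .hasAuthority("admin")
                // Everything not matched above still requires a logged-in user.
                .anyRequest()
                .authenticated();
    }
}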