org.fon.documentmanagementsystem.config.security.SecurityConfig.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.fon.documentmanagementsystem.config.security.SecurityConfig.java

Introduction

Here is the source code for org.fon.documentmanagementsystem.config.security.SecurityConfig.java

Source

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package org.fon.documentmanagementsystem.config.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 *
 * @author Vukasin
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomUserDetailsService customUserDetailsService;

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(customUserDetailsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/resources/**").permitAll().antMatchers("/subsystems/**")
                .hasAuthority("SUPERADMIN").antMatchers("/admins/adm/**").hasAuthority("SUPERADMIN")
                .antMatchers("/admins/usr/**").hasAuthority("ADMIN").antMatchers("/processes/adm/**")
                .hasAuthority("ADMIN").antMatchers("/processes/usr/**").hasAuthority("USER")
                .antMatchers("/documenttypes/**").hasAuthority("ADMIN").antMatchers("/activity/adm/**")
                .hasAuthority("ADMIN").antMatchers("/activity/user/**").hasAuthority("USER")
                .antMatchers("/documents/**").hasAuthority("USER")
                //                .antMatchers("/api/processes/**").hasAuthority("ADMIN")
                //                .antMatchers("/api/processes/**").hasAuthority("USER")
                .anyRequest().authenticated().and().exceptionHandling().accessDeniedPage("/403").and().formLogin()
                .loginPage("/login").permitAll().and().logout().logoutUrl("/logout").logoutSuccessUrl("/login")
                .and().csrf().disable();

    }
}