+++ /dev/null
-/*
- * Copyright 2020 Huawei Technologies Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.eliot.eliotbe.eliotk8sclient.config;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-
-@Configuration
-@EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Autowired
- private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
-
- @Autowired
- private UserDetailsService jwtUserDetailsService;
-
- @Autowired
- private JwtRequestFilter jwtRequestFilter;
-
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
- // configure AuthenticationManager so that it knows from where to load
- // user for matching credentials
- // Use BCryptPasswordEncoder
- auth.userDetailsService(jwtUserDetailsService).passwordEncoder(passwordEncoder());
- }
-
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
-
- @Bean
- @Override
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
-
- @Override
- protected void configure(HttpSecurity httpSecurity) throws Exception {
- // We don't need CSRF for this example
- httpSecurity.csrf().disable()
- // dont authenticate this particular request
- .authorizeRequests().antMatchers("/authenticate").permitAll().
- // all other requests need to be authenticated
- anyRequest().authenticated().and().
- // make sure we use stateless session; session won't be used to
- // store user's state.
- exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-
- // Add a filter to validate the tokens with every request
- httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
- }
-}
Code Review / eliot.git / blobdiff