2021-12-07 10:23:36 +01:00
|
|
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
2020-09-03 21:40:48 +02:00
|
|
|
|
2021-12-07 10:23:36 +01:00
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
2020-09-03 21:40:48 +02:00
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
|
|
2020-09-04 13:33:39 +02:00
|
|
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
2020-09-03 21:40:48 +02:00
|
|
|
@EnableWebSecurity
|
|
|
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
2021-11-16 14:37:06 +01:00
|
|
|
private final AuthorizationFilter filter;
|
2020-09-03 21:40:48 +02:00
|
|
|
|
|
|
|
@Autowired
|
2021-11-16 14:37:06 +01:00
|
|
|
WebSecurityConfig(AuthorizationFilter filter) {
|
|
|
|
this.filter = filter;
|
2020-09-03 21:40:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
protected void configure(HttpSecurity http) throws Exception {
|
2021-11-16 14:37:06 +01:00
|
|
|
http.apply(new AuthorizationFilterConfigurer(filter));
|
2020-09-03 21:40:48 +02:00
|
|
|
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
2020-09-03 21:49:57 +02:00
|
|
|
http.authorizeRequests().anyRequest().permitAll();
|
2020-11-25 13:30:41 +01:00
|
|
|
http.httpBasic().authenticationEntryPoint(new EntryPoint());
|
2020-09-03 21:40:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|