2020-09-03 21:40:48 +02:00
|
|
|
package eu.dnetlib.uoaauthorizationlibrary.security;
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
import org.springframework.context.annotation.ComponentScan;
|
|
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
|
|
2020-09-04 13:33:39 +02:00
|
|
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
2020-09-03 21:40:48 +02:00
|
|
|
@EnableWebSecurity
|
|
|
|
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
|
|
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
|
|
|
private AuthorizationProvider authorizationProvider;
|
|
|
|
private AuthorizationUtils utils;
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
WebSecurityConfig(AuthorizationProvider authorizationProvider, AuthorizationUtils utils) {
|
|
|
|
this.authorizationProvider = authorizationProvider;
|
|
|
|
this.utils = utils;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
protected void configure(HttpSecurity http) throws Exception {
|
|
|
|
http.apply(new AuthorizationFilterConfigurer(authorizationProvider, utils));
|
|
|
|
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
2020-09-03 21:49:57 +02:00
|
|
|
http.authorizeRequests().anyRequest().permitAll();
|
2020-09-03 21:40:48 +02:00
|
|
|
http.httpBasic();
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|