33 lines
1.4 KiB
Java
33 lines
1.4 KiB
Java
package eu.dnetlib.uoaauthorizationlibrary.security;
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.context.annotation.ComponentScan;
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
|
@EnableWebSecurity
|
|
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
private final AuthorizationFilter filter;
|
|
|
|
@Autowired
|
|
WebSecurityConfig(AuthorizationFilter filter) {
|
|
this.filter = filter;
|
|
}
|
|
|
|
@Override
|
|
protected void configure(HttpSecurity http) throws Exception {
|
|
http.apply(new AuthorizationFilterConfigurer(filter));
|
|
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
|
http.authorizeRequests().anyRequest().permitAll();
|
|
http.httpBasic().authenticationEntryPoint(new EntryPoint());
|
|
}
|
|
|
|
}
|