53 lines
1.9 KiB
Java
53 lines
1.9 KiB
Java
|
package eu.openaire.urls_controller.security;
|
||
|
|
||
|
import org.slf4j.Logger;
|
||
|
import org.slf4j.LoggerFactory;
|
||
|
import org.springframework.context.annotation.Bean;
|
||
|
import org.springframework.context.annotation.Configuration;
|
||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||
|
import org.springframework.security.config.BeanIds;
|
||
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||
|
|
||
|
|
||
|
@Configuration
|
||
|
@EnableWebSecurity
|
||
|
@EnableGlobalMethodSecurity (
|
||
|
securedEnabled = false, // Just for now..
|
||
|
jsr250Enabled = true,
|
||
|
prePostEnabled = true
|
||
|
)
|
||
|
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||
|
|
||
|
private static final Logger logger = LoggerFactory.getLogger(SecurityConfiguration.class);
|
||
|
|
||
|
|
||
|
// Defines which resources are public and which are secured.
|
||
|
@Override
|
||
|
protected void configure(HttpSecurity http) throws Exception {
|
||
|
http
|
||
|
.headers()
|
||
|
.frameOptions()
|
||
|
.sameOrigin()
|
||
|
.and()
|
||
|
.cors()
|
||
|
.and()
|
||
|
.csrf()
|
||
|
.disable()
|
||
|
.exceptionHandling()
|
||
|
.and()
|
||
|
.sessionManagement()
|
||
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||
|
.and()
|
||
|
.authorizeRequests()
|
||
|
.antMatchers("/**").permitAll()
|
||
|
//.anyRequest().authenticated()
|
||
|
//.and()
|
||
|
//.requiresChannel()
|
||
|
//.anyRequest().requiresSecure()
|
||
|
;
|
||
|
}
|
||
|
}
|