|
|
@@ -1,5 +1,5 @@
|
|
|
/*
|
|
|
- * Copyright 2002-2016 the original author or authors.
|
|
|
+ * Copyright 2002-2023 the original author or authors.
|
|
|
*
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
@@ -17,6 +17,7 @@ package example;
|
|
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
+import org.springframework.context.annotation.Scope;
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
import org.springframework.security.core.userdetails.User;
|
|
|
@@ -24,17 +25,19 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
+import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
|
|
+import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|
|
|
|
|
@Configuration
|
|
|
@EnableWebSecurity
|
|
|
public class SecurityConfiguration {
|
|
|
|
|
|
@Bean
|
|
|
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
|
|
+ public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
|
|
|
// @formatter:off
|
|
|
http
|
|
|
.authorizeHttpRequests((authorize) -> authorize
|
|
|
- .requestMatchers("/login", "/resources/**").permitAll()
|
|
|
+ .requestMatchers(mvc.pattern("/login"), mvc.pattern("/resources/**")).permitAll()
|
|
|
.anyRequest().authenticated()
|
|
|
)
|
|
|
.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
|
|
|
@@ -42,6 +45,12 @@ public class SecurityConfiguration {
|
|
|
return http.build();
|
|
|
}
|
|
|
|
|
|
+ @Scope("prototype")
|
|
|
+ @Bean
|
|
|
+ MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) {
|
|
|
+ return new MvcRequestMatcher.Builder(introspector);
|
|
|
+ }
|
|
|
+
|
|
|
// @formatter:off
|
|
|
@Bean
|
|
|
public UserDetailsService userDetailsService() {
|
Josh Cummings