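package demo;

import java.util.Collection;
import java.util.HashSet;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

/**
 * Form-login security configuration backed by a stub user store.
 *
 * <p>SECURITY NOTE: the credentials wired up here are placeholders. Every
 * username is accepted, the expected password is the username itself, and
 * passwords are compared in plaintext through {@link NoOpPasswordEncoder}.
 * Anyone who can reach the login form can therefore sign in as any account,
 * including {@code admin}. Before this configuration guards anything real,
 * replace the stub with a persistent user store and an adaptive hashing
 * encoder such as {@code BCryptPasswordEncoder}.
 *
 * @author anand
 */
@Configuration
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Exposes a stub {@link UserDetailsService} as a bean.
     *
     * <p>The lookup never fails: it returns a {@link UserDetails} for whatever
     * username is requested, so unknown accounts are not rejected at this layer.
     *
     * @return a service that fabricates an always-enabled account per username
     */
    @Bean
    @Override
    public UserDetailsService userDetailsServiceBean() {
        return username -> new UserDetails() {
            private static final long serialVersionUID = 1L;

            /**
             * Grants {@code USER} to everyone and adds {@code ADMIN} for the
             * username {@code admin}.
             *
             * <p>The authority strings carry no {@code ROLE_} prefix, so they
             * match {@code hasAuthority("ADMIN")} style checks rather than
             * {@code hasRole("ADMIN")}.
             */
            @Override
            public Collection<? extends GrantedAuthority> getAuthorities() {
                Collection<GrantedAuthority> authorities = new HashSet<>();
                authorities.add(new SimpleGrantedAuthority("USER"));
                if (username.equals("admin")) {
                    authorities.add(new SimpleGrantedAuthority("ADMIN"));
                }
                return authorities;
            }

            /**
             * Returns the username as the stored password.
             *
             * <p>SECURITY: placeholder credential only; the password of every
             * account is guessable from its name.
             */
            @Override
            public String getPassword() {
                return username;
            }

            @Override
            public String getUsername() {
                return username;
            }

            // Expiry, locking and disabling are all switched off: the four
            // status checks below report every account as usable.
            @Override
            public boolean isAccountNonExpired() {
                return true;
            }

            @Override
            public boolean isAccountNonLocked() {
                return true;
            }

            @Override
            public boolean isCredentialsNonExpired() {
                return true;
            }

            @Override
            public boolean isEnabled() {
                return true;
            }
        };
    }

    /**
     * Builds the {@link AuthenticationProvider} that checks submitted
     * credentials against {@link #userDetailsServiceBean()}.
     *
     * <p>SECURITY: {@link NoOpPasswordEncoder} performs no hashing; the
     * submitted password is compared with the stored value as plaintext. The
     * class is deprecated for that reason, hence the suppression.
     *
     * @return a DAO authentication provider using the stub user store
     */
    @SuppressWarnings("deprecation")
    @Bean
    public AuthenticationProvider authProvider() {
        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailsServiceBean());
        authProvider.setPasswordEncoder(NoOpPasswordEncoder.getInstance());
        return authProvider;
    }

    /**
     * Requires authentication for every request except {@code /login} and
     * enables form login.
     *
     * @param http the HTTP security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // The second argument (alwaysUse = true) sends every successful login
        // to the fixed, application-controlled URL /test instead of the
        // originally requested page.
        http.authorizeRequests()
                .antMatchers("/login").permitAll()
                .anyRequest().authenticated()
                .and().formLogin().defaultSuccessUrl("/test", true);
    }

    /**
     * Registers {@link #authProvider()} with the authentication manager.
     *
     * @param auth the authentication manager builder to configure
     * @throws Exception if the provider cannot be registered
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authProvider());
    }
}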