• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• java-webapp-security-examples-master
  • javaee7-security
    • src
      • main
        • java
          • security
            • LoginResource.java
            • LogoutResource.java
            • LoginService.java
            • Health.java
            • HealthResource.java
            • LoginStatus.java
            • JavaEELoginService.java
        • webapp
          • index.jsp
          • WEB-INF
            • jetty-context.xml
            • jetty-env.xml
            • beans.xml
            • web.xml
          • login.jsp
      • test
        • resources
          • jetty.xml
          • jetty-ssl.xml
          • realm.properties
          • jetty-https.xml
          • jdbc-realm.properties
          • jetty-http.xml
    • pom.xml
  • spring-security
    • src
      • main
        • resources
          • templates
            • index.html
            • login.html
          • data.sql
          • schema.sql
          • application.properties
        • java
          • security
            • LoginController.java
            • MvcConfig.java
            • ServletInitializer.java
            • Health.java
            • HealthResource.java
            • CsrfController.java
            • LoginStatus.java
            • Application.java
            • WebSecurityConfig.java
      • test
        • java
          • security
            • MockMvcWebSecurityTests.java
            • ApplicationTests.java
            • WebSecurityTests.java
    • pom.xml
  • pom.xml
  • LICENSE
  • README.md
  • .gitignore
  • apache-shiro
    • src
      • main
        • resources
          • templates
            • index.html
            • login.html
          • data.sql
          • shiro-users.properties
          • schema.sql
          • application.properties
        • java
          • security
            • MvcConfig.java
            • ServletInitializer.java
            • Health.java
            • HealthResource.java
            • Application.java
            • WebSecurityConfig.java
      • test
        • java
          • security
            • ApplicationTests.java
    • pom.xml

package security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.sql.DataSource;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/","/api/login","/api/csrf").permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .permitAll()
                .and()
            .httpBasic()
                .and()
            .logout()
                .permitAll()
                .and()
            .rememberMe();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .jdbcAuthentication()
                .dataSource(this.dataSource)
                .passwordEncoder(new BCryptPasswordEncoder());
    }
}