topjava08/src/main/resources/spring/spring-security.xml at master · AlexJavaR/topjava08 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns="http://www.springframework.org/schema/security"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
	http://www.springframework.org/schema/beans/spring-beans.xsd
	http://www.springframework.org/schema/security
	http://www.springframework.org/schema/security/spring-security.xsd">

    <http pattern="/resources/**" security="none"/>
    <http pattern="/webjars/**" security="none"/>

    <http pattern="/rest/**" use-expressions="true" name="restSecurityFilterChain" create-session="stateless">
        <http-basic/>
        <intercept-url pattern="/rest/admin/**" access="hasRole('ROLE_ADMIN')"/>
        <intercept-url pattern="/**" access="isAuthenticated()"/>
        <csrf disabled="true"/>
    </http>

    <http>
        <intercept-url pattern="/login" access="permitAll"/>

        <intercept-url pattern="/**/admin/**" access="hasRole('ROLE_ADMIN')"/>
        <intercept-url pattern="/**" access="isAuthenticated()"/>

        <form-login login-page="/login" default-target-url="/meals"
                    authentication-failure-url="/login?error=true"
                    login-processing-url="/spring_security_check"/>
        <logout logout-success-url="/login"/>
        <csrf disabled="true"/>
    </http>

    <authentication-manager>
        <authentication-provider user-service-ref="userService">
            <!--
                        <jdbc-user-service data-source-ref="dataSource"
                                           users-by-username-query="SELECT email, password, enabled FROM users WHERE email = ?"
                                           authorities-by-username-query="
                                                                   SELECT u.email, r.role FROM users u, user_roles r WHERE u.id = r.user_id AND u.email = ?"
                        />
                        <user-service>
                            <user name="user@yandex.ru" password="password" authorities="ROLE_USER"/>
                            <user name="admin@gmail.com" password="admin" authorities="ROLE_ADMIN"/>
                        </user-service>
            -->
        </authentication-provider>
    </authentication-manager>
</beans:beans>