package pl.edu.agh.dsm.front;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication()
.withUser("Jane").password("1234").roles("USER").and()
.withUser("John").password("1234").roles("USER");
auth.eraseCredentials(false);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll();
http.formLogin().loginPage("/login").defaultSuccessUrl("/main")
.failureUrl("/login?loginError").loginProcessingUrl("/security_check")
.usernameParameter("username").passwordParameter("password");
http.logout().logoutUrl("/logout").logoutSuccessUrl("/logoutSuccess");
http.csrf().disable();
}
}