package me.hao0.antares.tower.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.html");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// disable csrf
http.csrf().disable();
// uri match
http.authorizeRequests()
//.antMatchers("**/*.css", "**/*.js", "**/*.html").permitAll()
//.antMatchers(ClientUris.CLIENT_API + "/**/*", ServerUris.SERVERS + "/**/*").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic();
}
@Autowired
public void configureGlobal(
AuthenticationManagerBuilder auth,
@Value("${antares.user:admin}") String user,
@Value("${antares.pass:admin}") String pass) throws Exception {
auth.inMemoryAuthentication()
.withUser(user).password(pass).roles("ADMIN");
}
}