package com.nicusa; import com.nicusa.controller.SecurityController; import com.nicusa.security.UserProfileSignInAdapter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.social.connect.web.ProviderSignInUtils; import org.springframework.social.connect.web.SignInAdapter; import javax.inject.Inject; import javax.sql.DataSource; @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Inject private DataSource dataSource; @Inject private SecurityController securityController; @Autowired public void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication() .dataSource(dataSource) .usersByUsernameQuery("select userid, userid, true from userprofile where userid = ?") .authoritiesByUsernameQuery("select 'ROLE_USER' from DUAL") .passwordEncoder(passwordEncoder()); } @Override public void configure(WebSecurity web) { web .ignoring() .antMatchers("/**/*.css", "/**/*.png", "/**/*.gif", "/**/*.jpg", "/**/*.js","/**/*.map"); } @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() .formLogin() .loginPage("/signin") .loginProcessingUrl("/signin/authenticate") .failureUrl("/signin?param.error=bad_credentials") .and() .logout().permitAll() .logoutUrl("/signout") .deleteCookies("JSESSIONID") .and() .authorizeRequests() .antMatchers("/search/**", "/signin/**", "/error", "/signup/**", "/autocomplete", "/drug/**", "/enforcement/**", "/event/**", "/recalls/**", "/user/**", "/", "/index.html" ,"/recalls" ,"/drug/recalls", "/drug/enforcements").permitAll() .antMatchers("/**").authenticated() .and() .rememberMe(); } @Bean public PasswordEncoder passwordEncoder() { return NoOpPasswordEncoder.getInstance(); } @Bean public RequestCache requestCache() { return new HttpSessionRequestCache(); } @Bean public SignInAdapter signInAdapter() { return new UserProfileSignInAdapter(); } @Bean public ProviderSignInUtils providerSignInUtils() { return new ProviderSignInUtils(); } }