Example 1 with AuthenticationFilter
use of eu.bcvsolutions.idm.core.security.api.auth.filter.AuthenticationFilter in project CzechIdMng by bcvsolutions.
the class WebSecurityConfig method configure.
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//
AuthenticationFilter authenticationFilter = authenticationFilter();
Set<RequestMatcher> publicPaths = authenticationFilter.getPublicPathRequestMatchers();
//
http.addFilterBefore(requestContextFilter(), BasicAuthenticationFilter.class).addFilterBefore(startUserTransactionFilter(), BasicAuthenticationFilter.class).addFilterAfter(authenticationFilter, BasicAuthenticationFilter.class).addFilterAfter(extendExpirationFilter(), BasicAuthenticationFilter.class).authorizeRequests().expressionHandler(expressionHandler()).antMatchers(HttpMethod.OPTIONS).permitAll().requestMatchers(publicPaths.toArray(new RequestMatcher[publicPaths.size()])).permitAll().antMatchers(BaseDtoController.BASE_PATH + "/**").fullyAuthenticated().anyRequest().permitAll();
}
Also used :
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter)
AuthenticationFilter(eu.bcvsolutions.idm.core.security.api.auth.filter.AuthenticationFilter)
BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter)
Aggregations
AuthenticationFilter (eu.bcvsolutions.idm.core.security.api.auth.filter.AuthenticationFilter)1
BasicAuthenticationFilter (org.springframework.security.web.authentication.www.BasicAuthenticationFilter)1
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)1
