|
|
@ -31,6 +31,9 @@ import org.springframework.security.core.userdetails.User.UserBuilder;
|
|
|
|
import org.springframework.security.core.userdetails.UserDetails;
|
|
|
|
import org.springframework.security.core.userdetails.UserDetails;
|
|
|
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|
|
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
|
|
|
|
|
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
|
|
|
|
|
|
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
|
|
|
|
|
|
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|
|
|
|
|
|
|
|
|
|
|
@Configuration(proxyBeanMethods = false)
|
|
|
|
@Configuration(proxyBeanMethods = false)
|
|
|
|
public class SecurityConfiguration {
|
|
|
|
public class SecurityConfiguration {
|
|
|
@ -54,16 +57,18 @@ public class SecurityConfiguration {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
@Bean
|
|
|
|
SecurityFilterChain configure(HttpSecurity http) throws Exception {
|
|
|
|
SecurityFilterChain configure(HttpSecurity http, HandlerMappingIntrospector handlerMappingIntrospector)
|
|
|
|
|
|
|
|
throws Exception {
|
|
|
|
http.authorizeHttpRequests((requests) -> {
|
|
|
|
http.authorizeHttpRequests((requests) -> {
|
|
|
|
requests.requestMatchers("/actuator/beans").hasRole("BEANS");
|
|
|
|
requests.requestMatchers(new MvcRequestMatcher(handlerMappingIntrospector, "/actuator/beans"))
|
|
|
|
|
|
|
|
.hasRole("BEANS");
|
|
|
|
requests.requestMatchers(EndpointRequest.to("health")).permitAll();
|
|
|
|
requests.requestMatchers(EndpointRequest.to("health")).permitAll();
|
|
|
|
requests.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class))
|
|
|
|
requests.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class))
|
|
|
|
.hasRole("ACTUATOR");
|
|
|
|
.hasRole("ACTUATOR");
|
|
|
|
requests.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
|
|
|
requests.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
|
|
|
|
requests.requestMatchers("/foo").permitAll();
|
|
|
|
requests.requestMatchers("/foo").permitAll();
|
|
|
|
requests.requestMatchers("/error").permitAll();
|
|
|
|
requests.requestMatchers(new AntPathRequestMatcher("/error")).permitAll();
|
|
|
|
requests.requestMatchers("/**").hasRole("USER");
|
|
|
|
requests.requestMatchers(new AntPathRequestMatcher("/**")).hasRole("USER");
|
|
|
|
});
|
|
|
|
});
|
|
|
|
http.cors(Customizer.withDefaults());
|
|
|
|
http.cors(Customizer.withDefaults());
|
|
|
|
http.httpBasic();
|
|
|
|
http.httpBasic();
|
|
|
|