From bd5fea0d8c681073683f90070629acaebfb26f17 Mon Sep 17 00:00:00 2001 From: Dave Syer Date: Sat, 18 May 2013 16:38:48 +0100 Subject: [PATCH] Updates for Security snapshots --- .../autoconfigure/SecurityConfiguration.java | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/autoconfigure/SecurityConfiguration.java b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/autoconfigure/SecurityConfiguration.java index 51fe694ee6..003ea64de1 100644 --- a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/autoconfigure/SecurityConfiguration.java +++ b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/autoconfigure/SecurityConfiguration.java @@ -30,9 +30,8 @@ import org.springframework.security.authentication.DefaultAuthenticationEventPub import org.springframework.security.authentication.ProviderManager; import org.springframework.security.config.annotation.authentication.AuthenticationBuilder; import org.springframework.security.config.annotation.web.EnableWebSecurity; -import org.springframework.security.config.annotation.web.ExpressionUrlAuthorizations; import org.springframework.security.config.annotation.web.HttpConfigurator; -import org.springframework.security.config.annotation.web.SpringSecurityFilterChainBuilder.IgnoredRequestRegistry; +import org.springframework.security.config.annotation.web.WebSecurityConfiguration; import org.springframework.security.config.annotation.web.WebSecurityConfigurerAdapter; /** @@ -70,24 +69,18 @@ public class SecurityConfiguration { @Autowired private AuthenticationEventPublisher authenticationEventPublisher; - @Override - protected void ignoredRequests(IgnoredRequestRegistry ignoredRequests) { - ignoredRequests.antMatchers(this.healthzPath); - ignoredRequests.antMatchers(this.infoPath); - } - - @Override - protected void authorizeUrls(ExpressionUrlAuthorizations interceptUrls) { - interceptUrls.antMatchers("/**").hasRole("USER"); - } - @Override protected void configure(HttpConfigurator http) throws Exception { http.antMatcher("/**").httpBasic().and().anonymous().disable(); if (this.security.isRequireSsl()) { http.requiresChannel().antMatchers("/**").requiresSecure(); } + http.authorizeUrls().antMatchers("/**").hasRole("USER"); + } + @Override + public void configure(WebSecurityConfiguration builder) throws Exception { + builder.ignoring().antMatchers(this.healthzPath, this.infoPath); } @Override