Commit 9dc71311 authored by Sascha Herzinger's avatar Sascha Herzinger
Browse files

Refactored authenticationProvider in own file

parent 5d4dc120
package lcsb.mapviewer.web.config;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import javax.annotation.PostConstruct;
@Service
public class LocalAuthenticationProvider implements AuthenticationProvider {
private DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
private UserDetailsService userDetailsService;
private PasswordEncoder passwordEncoder;
public LocalAuthenticationProvider(UserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
this.userDetailsService = userDetailsService;
this.passwordEncoder = passwordEncoder;
}
@PostConstruct
private void init() {
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
return daoAuthenticationProvider.authenticate(authentication);
}
@Override
public boolean supports(Class<?> authentication) {
return daoAuthenticationProvider.supports(authentication);
}
}
......@@ -4,17 +4,13 @@ import javax.transaction.Transactional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.*;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.*;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
......@@ -23,6 +19,8 @@ import lcsb.mapviewer.api.SpringRestApiConfig;
import lcsb.mapviewer.services.SpringServiceConfig;
import lcsb.mapviewer.web.bean.utils.*;
import java.util.List;
@Transactional
@Configuration
......@@ -34,33 +32,27 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
private AuthenticationSuccessHandler successHandler;
private AuthenticationFailureHandler failureHandler;
private LogoutSuccessHandler logoutSuccessHandler;
private UserDetailsService userDetailsService;
private PasswordEncoder passwordEncoder;
private List<AuthenticationProvider> authenticationProviders;
@Autowired
SpringSecurityConfig(AuthenticationSuccessHandler successHandler,
AuthenticationFailureHandler failureHandler,
LogoutSuccessHandler logoutSuccessHandler,
UserDetailsService userDetailsService,
PasswordEncoder passwordEncoder) {
List<AuthenticationProvider> authenticationProviders) {
super(false);
this.successHandler = successHandler;
this.failureHandler = failureHandler;
this.logoutSuccessHandler = logoutSuccessHandler;
this.userDetailsService = userDetailsService;
this.passwordEncoder = passwordEncoder;
this.authenticationProviders = authenticationProviders;
}
@Bean
public AuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setPasswordEncoder(passwordEncoder);
authenticationProvider.setUserDetailsService(userDetailsService);
return authenticationProvider;
@Override
protected void configure(AuthenticationManagerBuilder auth) {
authenticationProviders.forEach(auth::authenticationProvider);
}
@Override
public void configure(WebSecurity web) throws Exception {
public void configure(WebSecurity web) {
web.ignoring()
.antMatchers("/")
.antMatchers("*.xhtml")
......@@ -71,7 +63,6 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authenticationProvider(authenticationProvider())
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment