| | |
|---|
| | | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; |
|---|
| | | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
|---|
| | | import org.springframework.security.config.http.SessionCreationPolicy; |
|---|
| | | import org.springframework.security.web.access.channel.ChannelProcessingFilter; |
|---|
| | | import org.springframework.security.web.authentication.AuthenticationFailureHandler; |
|---|
| | | import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
|---|
| | | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; |
|---|
| | |
|---|
| | | .authorizeRequests() |
|---|
| | | .antMatchers(API_ROOT_URL).authenticated() // Protected API End-points |
|---|
| | | .and() |
|---|
| | | .addFilterBefore(new CustomCorsFilter(), ChannelProcessingFilter.class) |
|---|
| | | .addFilterBefore(new CustomCorsFilter(), UsernamePasswordAuthenticationFilter.class) |
|---|
| | | .addFilterBefore(buildLoginProcessingFilter(AUTHENTICATION_URL), UsernamePasswordAuthenticationFilter.class) |
|---|
| | | .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(permitAllEndpointList, |
|---|
| | | API_ROOT_URL), UsernamePasswordAuthenticationFilter.class); |
|---|
