| | |
| | | @EnableWebSecurity |
| | | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { |
| | | public static final String AUTHENTICATION_HEADER_NAME = "X-Authorization"; |
| | | public static final String REFRESH_TOKEN_HEADER_NAME = "X-Refrsh-Token"; |
| | | public static final String AUTHENTICATION_PARAM_NAME = "_token"; |
| | | public static final String AUTHENTICATION_URL = "/auth/login"; |
| | | public static final String REFRESH_TOKEN_URL = "/auth/token"; |
| | |
| | | .antMatchers(API_ROOT_URL).authenticated() // Protected API End-points |
| | | .and() |
| | | .addFilterBefore(new CustomCorsFilter(), UsernamePasswordAuthenticationFilter.class) |
| | | .addFilterBefore(buildLoginProcessingFilter(AUTHENTICATION_URL), UsernamePasswordAuthenticationFilter.class) |
| | | .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(permitAllEndpointList, |
| | | API_ROOT_URL), UsernamePasswordAuthenticationFilter.class); |
| | | .addFilterBefore(buildLoginProcessingFilter(AUTHENTICATION_URL), UsernamePasswordAuthenticationFilter.class); |
| | | //.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(permitAllEndpointList, API_ROOT_URL), UsernamePasswordAuthenticationFilter.class); |
| | | } |
| | | } |