Package idatt2106.group3.backend.Configuration.Security

Class WebSecurityConfiguration

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

idatt2106.group3.backend.Configuration.Security.WebSecurityConfiguration

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@Profile("!test")
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class WebSecurityConfiguration
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Configures WebSecurity for endpoints Not used for tests

Constructor Summary

Constructors

Constructor	Description
WebSecurityConfiguration()

Method Summary

Modifier and Type	Method	Description
protected void	configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)	Sets authentication provider defined in method under
void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)	Method for configuration of http.
org.springframework.security.authentication.dao.DaoAuthenticationProvider	daoAuthenticationProvider()	Sets passwordEncoder and userDetailsService from service folder Needed for getting users from MySQL Database and not In-Memory database Allows authentication from MySQL Database
JwtUsernameAndPasswordAuthenticationFilter	getJWTAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)	Changes login url

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WebSecurityConfiguration

public WebSecurityConfiguration()

Method Detail

configure

public void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
               throws java.lang.Exception

Method for configuration of http. CSRF is currently countered by CORS, and this app is only used on localhost currently Authentication by username and password, and JWT.

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Parameters:

http -

Throws:

java.lang.Exception

configure

protected void configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
                  throws java.lang.Exception

Sets authentication provider defined in method under

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Parameters:

auth -

Throws:

java.lang.Exception

daoAuthenticationProvider

@Bean
public org.springframework.security.authentication.dao.DaoAuthenticationProvider daoAuthenticationProvider()

Sets passwordEncoder and userDetailsService from service folder Needed for getting users from MySQL Database and not In-Memory database Allows authentication from MySQL Database

Returns:

DaoAuthenticationProvider

getJWTAuthenticationFilter

public JwtUsernameAndPasswordAuthenticationFilter getJWTAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)

Changes login url

Parameters:

authenticationManager -

Returns:

Username and password filter for login