1 package org.springframework.security.oauth.examples.config;
2
3 import org.springframework.context.annotation.Configuration;
4 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
5 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
6 import org.springframework.security.config.annotation.web.builders.WebSecurity;
7 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
8 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
9
10 @Configuration
11 @EnableWebSecurity
12 public class SecurityConfig extends WebSecurityConfigurerAdapter {
13
14 @Override
15 protected void configure(AuthenticationManagerBuilder auth) throws Exception {
16 auth.inMemoryAuthentication().withUser("marissa").password("wombat").roles("USER").and().withUser("sam")
17 .password("kangaroo").roles("USER");
18 }
19
20 @Override
21 public void configure(WebSecurity web) throws Exception {
22 web.ignoring().antMatchers("/resources/**");
23 }
24
25 @Override
26 protected void configure(HttpSecurity http) throws Exception {
27
28 http.authorizeRequests()
29 .antMatchers("/sparklr/**","/facebook/**").hasRole("USER")
30 .anyRequest().permitAll()
31 .and()
32 .logout()
33 .logoutSuccessUrl("/login.jsp")
34 .logoutUrl("/logout.do")
35 .permitAll()
36 .and()
37 .formLogin()
38 .loginPage("/login.jsp")
39 .loginProcessingUrl("/login.do")
40 .failureUrl("/login.jsp?authentication_error=true")
41 .usernameParameter("j_username")
42 .passwordParameter("j_password")
43 .permitAll();
44
45 }
46
47 }