Work on blog.
parent
f1795f4eb6
commit
0f6f29ef00
35
etc/blog.md
35
etc/blog.md
@ -415,7 +415,7 @@ public class AjaxAwareAuthenticationSuccessHandler implements AuthenticationSucc
|
||||
|
||||
#### AjaxAwareAuthenticationFailureHandler
|
||||
|
||||
AjaxAwareAuthenticationFailureHandler is invoked by Spring in case of authentication failure. You can create specific error message based on exception type that have occured during the authentication process.
|
||||
AjaxAwareAuthenticationFailureHandler is invoked by Spring in case of authentication failure. You can create specific error message based on exception type that have occurred during the authentication process.
|
||||
|
||||
```
|
||||
@Component
|
||||
@ -447,21 +447,26 @@ public class AjaxAwareAuthenticationFailureHandler implements AuthenticationFail
|
||||
}
|
||||
```
|
||||
|
||||
#### WebSecurityConfig - Initial version to support AJAX based login
|
||||
#### WebSecurityConfig
|
||||
|
||||
This is first version of WebSecurityConfig. We will add more configuration to it once we start with showcase of JWT Authentication flow.
|
||||
Extends WebSecurityConfigurerAdapter to configure our custom Security filters.
|
||||
|
||||
```
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
public static final String JWT_TOKEN_HEADER_PARAM = "X-Authorization";
|
||||
public static final String FORM_BASED_LOGIN_ENTRY_POINT = "/api/auth/login";
|
||||
public static final String TOKEN_BASED_AUTH_ENTRY_POINT = "/api/**";
|
||||
public static final String TOKEN_REFRESH_ENTRY_POINT = "/api/auth/token";
|
||||
|
||||
@Autowired private RestAuthenticationEntryPoint authenticationEntryPoint;
|
||||
@Autowired private AuthenticationSuccessHandler successHandler;
|
||||
@Autowired private AuthenticationFailureHandler failureHandler;
|
||||
@Autowired private AjaxAuthenticationProvider ajaxAuthenticationProvider;
|
||||
@Autowired private JwtAuthenticationProvider jwtAuthenticationProvider;
|
||||
|
||||
@Autowired private TokenExtractor tokenExtractor;
|
||||
|
||||
@Autowired private AuthenticationManager authenticationManager;
|
||||
|
||||
@ -474,6 +479,16 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
return filter;
|
||||
}
|
||||
|
||||
@Bean
|
||||
protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {
|
||||
List<String> pathsToSkip = Arrays.asList(TOKEN_REFRESH_ENTRY_POINT, FORM_BASED_LOGIN_ENTRY_POINT);
|
||||
SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, TOKEN_BASED_AUTH_ENTRY_POINT);
|
||||
JwtTokenAuthenticationProcessingFilter filter
|
||||
= new JwtTokenAuthenticationProcessingFilter(failureHandler, tokenExtractor, matcher);
|
||||
filter.setAuthenticationManager(this.authenticationManager);
|
||||
return filter;
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||
@ -482,6 +497,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
protected void configure(AuthenticationManagerBuilder auth) {
|
||||
auth.authenticationProvider(ajaxAuthenticationProvider);
|
||||
auth.authenticationProvider(jwtAuthenticationProvider);
|
||||
}
|
||||
|
||||
@Bean
|
||||
protected BCryptPasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -498,8 +519,14 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers(FORM_BASED_LOGIN_ENTRY_POINT).permitAll() // Login end-point
|
||||
.antMatchers(TOKEN_REFRESH_ENTRY_POINT).permitAll() // Token refresh end-point
|
||||
.antMatchers("/console").permitAll() // H2 Console Dash-board - only for testing
|
||||
.and()
|
||||
.addFilterBefore(buildAjaxLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
.authorizeRequests()
|
||||
.antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated() // Protected API End-points
|
||||
.and()
|
||||
.addFilterBefore(buildAjaxLoginProcessingFilter(), UsernamePasswordAuthenticationFilter.class)
|
||||
.addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
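Review bot: The WebSecurityConfig listing keeps `.antMatchers("/console").permitAll()` with only an inline "only for testing" comment, and the visible prose under the heading does not repeat that caveat for readers who will copy the class as-is. I would add a sentence below the heading such as `The /console rule exposes the H2 console without authentication and exists only for local testing; remove it or limit it to a development profile before deploying.` Separately, `buildJwtTokenAuthenticationProcessingFilter()` is declared `@Bean` and is also passed to `addFilterBefore`. If the sample runs on Spring Boot (not visible here), a Filter bean is additionally registered with the servlet container, so the post should either drop `@Bean` or mention disabling that registration. The body of `configure(HttpSecurity)` starts outside the last hunk, so rules above `.and()` were not reviewed.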