backup/springboot-security-jwt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updated documentation

Browse Source
This commit is contained in:
svlada 2017-04-17 19:03:01 +02:00
parent fb15315944
commit 34fc3841a4
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -1,2 +1,3 @@
# springboot-security-jwt # springboot-security-jwt
Secure your API with JWT Tokens
This repository is created as an example for post I wrote on my blog: [JWT Authentication Tutorial: An example using Spring Boot](http://svlada.com/jwt-token-authentication-with-spring-boot/)

18
etc/blog.md
View File

@ -709,14 +709,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired private ObjectMapper objectMapper; @Autowired private ObjectMapper objectMapper;
@Bean
protected AjaxLoginProcessingFilter buildAjaxLoginProcessingFilter() throws Exception { protected AjaxLoginProcessingFilter buildAjaxLoginProcessingFilter() throws Exception {
AjaxLoginProcessingFilter filter = new AjaxLoginProcessingFilter(FORM_BASED_LOGIN_ENTRY_POINT, successHandler, failureHandler, objectMapper); AjaxLoginProcessingFilter filter = new AjaxLoginProcessingFilter(FORM_BASED_LOGIN_ENTRY_POINT, successHandler, failureHandler, objectMapper);
filter.setAuthenticationManager(this.authenticationManager); filter.setAuthenticationManager(this.authenticationManager);
return filter; return filter;
} }
@Bean
protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception { protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {
List<String> pathsToSkip = Arrays.asList(TOKEN_REFRESH_ENTRY_POINT, FORM_BASED_LOGIN_ENTRY_POINT); List<String> pathsToSkip = Arrays.asList(TOKEN_REFRESH_ENTRY_POINT, FORM_BASED_LOGIN_ENTRY_POINT);
SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, TOKEN_BASED_AUTH_ENTRY_POINT); SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, TOKEN_BASED_AUTH_ENTRY_POINT);
@ -732,6 +730,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
return super.authenticationManagerBean(); return super.authenticationManagerBean();
} }
@Override
protected void configure(AuthenticationManagerBuilder auth) { protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(ajaxAuthenticationProvider); auth.authenticationProvider(ajaxAuthenticationProvider);
auth.authenticationProvider(jwtAuthenticationProvider); auth.authenticationProvider(jwtAuthenticationProvider);
@ -767,6 +766,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
} }
} }
``` ```
#### PasswordEncoderConfig
BCrypt encoder that is in AjaxAuthenticationProvider.
```language-java
@Configuration
public class PasswordEncoderConfig {
@Bean
protected BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
```
#### BloomFilterTokenVerifier #### BloomFilterTokenVerifier
This is dummy class. You should ideally implement your own TokenVerifier to check for revoked tokens. This is dummy class. You should ideally implement your own TokenVerifier to check for revoked tokens.