gfsBackendService/src/main/java/org/eclipse/openk/gridfailureinformation/config/SecurityConfig.java - openk-usermodules/org.eclipse.openk-usermodules.gridFailureInformation.backend - Git at Google

 /*
  *******************************************************************************
  * Copyright (c) 2019 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
  * information regarding copyright ownership.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0 which is available at
  * http://www.eclipse.org/legal/epl-2.0.
  *
  * SPDX-License-Identifier: EPL-2.0
  *******************************************************************************
  */
 package org.eclipse.openk.gridfailureinformation.config;

 import org.eclipse.openk.gridfailureinformation.config.auth.JwtAuthenticationEntryPoint;
 import org.eclipse.openk.gridfailureinformation.config.auth.JwtAuthenticationTokenFilter;
 import org.eclipse.openk.gridfailureinformation.config.auth.JwtTokenValidationFilter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(
         prePostEnabled = true,
         securedEnabled = true,
         jsr250Enabled = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

     @Autowired
     private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

     @Autowired
     private JwtTokenValidationFilter jwtTokenValidationFilter;

     @Autowired
     private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;

     @Override
     protected void configure(HttpSecurity http ) throws Exception {
         http
                 .authorizeRequests()
                 .antMatchers("/**").permitAll()
                 .anyRequest().authenticated()
                 .and()
                 .cors()
                 .and()
                 .exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint)
                 .and()
                 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 .and()
                 .csrf().disable()
                 .logout().disable()
                 .formLogin().disable()
                 .anonymous()
                 .and()
                 .addFilterAfter(jwtTokenValidationFilter, BasicAuthenticationFilter.class)
                 .anonymous()
                 .and()
                 .addFilterAfter(jwtAuthenticationTokenFilter, BasicAuthenticationFilter.class);
     }


 }
	/*
	*******************************************************************************
	* Copyright (c) 2019 Contributors to the Eclipse Foundation
	*
	* See the NOTICE file(s) distributed with this work for additional
	* information regarding copyright ownership.
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Public License v. 2.0 which is available at
	* http://www.eclipse.org/legal/epl-2.0.
	*
	* SPDX-License-Identifier: EPL-2.0
	*******************************************************************************
	*/
	package org.eclipse.openk.gridfailureinformation.config;

	import org.eclipse.openk.gridfailureinformation.config.auth.JwtAuthenticationEntryPoint;
	import org.eclipse.openk.gridfailureinformation.config.auth.JwtAuthenticationTokenFilter;
	import org.eclipse.openk.gridfailureinformation.config.auth.JwtTokenValidationFilter;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.context.annotation.Configuration;
	import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
	import org.springframework.security.config.annotation.web.builders.HttpSecurity;
	import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
	import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
	import org.springframework.security.config.http.SessionCreationPolicy;
	import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

	@Configuration
	@EnableWebSecurity
	@EnableGlobalMethodSecurity(
	prePostEnabled = true,
	securedEnabled = true,
	jsr250Enabled = true)
	public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

	@Autowired
	private JwtTokenValidationFilter jwtTokenValidationFilter;

	@Autowired
	private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;

	@Override
	protected void configure(HttpSecurity http ) throws Exception {
	http
	.authorizeRequests()
	.antMatchers("/**").permitAll()
	.anyRequest().authenticated()
	.and()
	.cors()
	.and()
	.exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint)
	.and()
	.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
	.and()
	.csrf().disable()
	.logout().disable()
	.formLogin().disable()
	.anonymous()
	.and()
	.addFilterAfter(jwtTokenValidationFilter, BasicAuthenticationFilter.class)
	.anonymous()
	.and()
	.addFilterAfter(jwtAuthenticationTokenFilter, BasicAuthenticationFilter.class);
	}


	}