From 82b58576b43442f5ba71e36dfd0c497cdbf36328 Mon Sep 17 00:00:00 2001 From: myh Date: Wed, 29 Nov 2023 17:25:46 +0800 Subject: [PATCH] Spring security simple implementation --- .../security/DefaultSecurityConfigure.java | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 src/main/java/com/example/springdemo/security/DefaultSecurityConfigure.java diff --git a/src/main/java/com/example/springdemo/security/DefaultSecurityConfigure.java b/src/main/java/com/example/springdemo/security/DefaultSecurityConfigure.java new file mode 100644 index 0000000..da2dcff --- /dev/null +++ b/src/main/java/com/example/springdemo/security/DefaultSecurityConfigure.java @@ -0,0 +1,31 @@ +package com.example.springdemo.security; + +import org.jetbrains.annotations.NotNull; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +@EnableWebSecurity // Enable Spring Security +public class DefaultSecurityConfigure { + @Bean + public SecurityFilterChain defaultSecurityFilterChain(@NotNull HttpSecurity http) throws Exception { + var ignoreUrls = new String[]{""}; + var authedUrls = new String[]{"/users"}; + http.authorizeHttpRequests( + (req) -> req.requestMatchers(ignoreUrls).permitAll() + ) + .authorizeHttpRequests( + (req) -> req.requestMatchers(authedUrls).authenticated() + ) + .formLogin(Customizer.withDefaults()) + .csrf(AbstractHttpConfigurer::disable) + .logout(LogoutConfigurer::permitAll); + return http.build(); + } +}