I need to configure Spring Security to accept requests from external applications. I do not know how to do it, I have a project in Spring Boot and Spring Security where I only accept request from the same source. Must accept AJAX request using angular.
Codes:
Spring Security:
@Configuration
@EnableWebSecurity
//@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsServiceImp userDetailsService;
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public TokenAuthenticationService getTokenAuthenticationService() {
return new TokenAuthenticationService(userDetailsService);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/","/index.html","/recuperarSenha","/admin/**", "/app/**","/favicon.ico","/install/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.headers().cacheControl();
http.cors().disable() // disable csrf for our requests.
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers(HttpMethod.GET,"/conectado").permitAll()
.antMatchers(HttpMethod.POST,"/login").permitAll()
.antMatchers(HttpMethod.GET,"/install/admin").permitAll()
.antMatchers(HttpMethod.POST,"/login/recuperarSenha").permitAll()
.antMatchers(HttpMethod.POST,"/api/**").permitAll()
.anyRequest().authenticated()
.and()
// We filter the api/login requests
.addFilterBefore(new JWTLoginFilter("/login", authenticationManager(), getTokenAuthenticationService()), UsernamePasswordAuthenticationFilter.class)
// And filter other requests to check the presence of JWT in header
.addFilterBefore(new JWTAuthenticationFilter(getTokenAuthenticationService()), UsernamePasswordAuthenticationFilter.class);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
}
E Angular-js:
$scope.logar = function(login){
$http.post("http://192.168.0.13:8088/onblox/login",login)
.success(function(response){
$scope.response1 = response;
})
.error(function(error){
});
}