I have the 3 classes that transcribed the code. the run method in boot starta my application. the other two classes are in the package containing the settings. I am using spring boot and I have a pom file with several dependencies, basic boot starts, tomcat, maven, javax, validation, hibernate-validator, servlet and plugins. I did not get the login to be configured and worked, the same for the encoder that was not applied when I tried to create a user with a password.
@SpringBootApplication
public class Boot extends SpringBootServletInitializer {
@Bean
public MessageSource messageSource() {
ReloadableResourceBundleMessageSource bundle = new ReloadableResourceBundleMessageSource();
bundle.setBasename("/WEB-INF/messages");
bundle.setDefaultEncoding("UTF-8");
bundle.setCacheSeconds(1);
return bundle;
}
@Bean
public LocalValidatorFactoryBean validator() {
LocalValidatorFactoryBean bean = new LocalValidatorFactoryBean();
bean.setValidationMessageSource(messageSource());
return bean;
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Boot.class);
// tried this too
// return application.sources(Boot.class, AppWebConfiguration.class, WebSecurityConfig.class);
}
public static void main(String[] args) throws Exception {
SpringApplication.run(Boot.class, args);
}
}
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/home").permitAll().antMatchers("/home/**").permitAll()
// .antMatchers("/login").permitAll()
.antMatchers("/user/**").permitAll().antMatchers("/resources/**").permitAll()
.antMatchers("/products/form").hasRole("ADMIN").antMatchers("/shopping/**").permitAll()
.antMatchers(HttpMethod.POST, "/products").hasRole("ADMIN").antMatchers("/products/**").permitAll()
.anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout()
.permitAll().and().exceptionHandling().accessDeniedPage("/WEB-INF/views/errors/403.jsp");
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
}
@EnableWebMvc
public class AppWebConfiguration extends WebMvcConfigurerAdapter {
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
}