Skip to content
Snippets Groups Projects
Commit 8cfd0050 authored by Robert Goldmann's avatar Robert Goldmann
Browse files

fixed deprecated spring security config

parent 6c34e223
No related branches found
No related tags found
No related merge requests found
......@@ -3,6 +3,7 @@ package de.deadlocker8.budgetmaster.authentication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
......@@ -20,21 +21,18 @@ public class WebSecurityConfig
return new BCryptPasswordEncoder();
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception
{
http
.csrf()
.and()
.authorizeHttpRequests()
.csrf(csrf -> csrf.configure(http))
.authorizeHttpRequests(authorization -> authorization
.requestMatchers("/css/**", "/js/**", "/images/**", "/webjars/**", "/favicon.ico", "/touch_icon.png").permitAll()
.requestMatchers("/login").permitAll()
.requestMatchers("/**").authenticated()
.and()
.formLogin()
.requestMatchers("/**").authenticated())
.formLogin(formLogin -> formLogin
.loginPage("/login")
.permitAll()
.successHandler((req, res, auth) -> {
Object preLoginURL = req.getSession().getAttribute("preLoginURL");
if(preLoginURL == null || preLoginUrlBlacklist.isBlacklisted(preLoginURL.toString()))
......@@ -44,10 +42,9 @@ public class WebSecurityConfig
redirectStrategy.sendRedirect(req, res, preLoginURL.toString());
})
.permitAll()
.and()
.logout()
.permitAll();
)
.logout(LogoutConfigurer::permitAll
);
return http.build();
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment