
package com.example.sbcamel;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.security.web.SecurityFilterChain;
import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
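/**
 * Spring Security configuration for the application: HTTP Basic authentication verified by an
 * LDAP bind, with authorities loaded from LDAP group membership.
 *
 * <p>Authorization is split by HTTP method: {@code GET} requires {@link #ROLE_BACKEND} and
 * {@code POST} requires {@link #ROLE_SERVER}. Every other method is rejected explicitly.
 *
 * <p>The LDAP search bases and filters are injected from {@code app.*} properties; the defaults
 * are the values given in the {@code @Value} expressions below.
 */
@Configuration
public class SecurityConfig {

    /** Authority required for every {@code GET} request. */
    public static final String ROLE_BACKEND = "ROLE_BACKEND";

    /** Authority required for every {@code POST} request. */
    public static final String ROLE_SERVER = "ROLE_SERVER";

    // Base DN (relative to the context source) under which group entries are searched.
    @Value("${app.group-search-base:ou=groups}")
    private String groupSearchBase;

    // Filter used to find the groups of a user; {0} is replaced with the user's DN.
    @Value("${app.group-search-filter:(member={0})}")
    private String groupSearchFilter;

    // Base DN (relative to the context source) under which user entries are searched.
    @Value("${app.user-search-base:ou=users}")
    private String userSearchBase;

    // Filter used to locate the user entry; {0} is replaced with the submitted login name.
    @Value("${app.user-search-filter:(uid={0})}")
    private String userSearchFilter;

    /**
     * Builds the filter chain: method-based authorization, HTTP Basic, CSRF protection disabled.
     *
     * @param http the security builder supplied by Spring
     * @return the configured filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(authorize -> authorize
                .requestMatchers(HttpMethod.GET, "/**").hasAuthority(ROLE_BACKEND)
                .requestMatchers(HttpMethod.POST, "/**").hasAuthority(ROLE_SERVER)
                // Only GET and POST have rules above. State the fallback explicitly so that
                // PUT, DELETE, PATCH, etc. are denied by this configuration rather than by
                // whatever the framework version does with unmatched requests.
                .anyRequest().denyAll())
            // HTTP Basic sends the LDAP password on every request, reversibly encoded only.
            // NOTE(review): this is only safe behind TLS; confirm the transport is HTTPS-only.
            .httpBasic(Customizer.withDefaults())
            // NOTE(review): CSRF protection is off. That is appropriate only if all callers
            // are non-browser clients; a browser that has cached Basic credentials attaches
            // them to cross-site POSTs automatically. Confirm the client population.
            .csrf(csrf -> csrf.disable());
        return http.build();
    }

    /**
     * Creates the populator that turns LDAP group membership into granted authorities.
     *
     * <p>NOTE(review): with the populator's default settings a group's {@code cn} is upper-cased
     * and prefixed with {@code ROLE_}, so the directory presumably holds groups named
     * {@code backend} and {@code server}; verify against the directory layout.
     *
     * @param contextSource LDAP context source used for the group search
     * @return populator searching {@code groupSearchBase} with {@code groupSearchFilter}
     */
    @Bean
    public LdapAuthoritiesPopulator authorities(BaseLdapPathContextSource contextSource) {
        DefaultLdapAuthoritiesPopulator populator =
                new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
        populator.setGroupSearchFilter(groupSearchFilter);
        return populator;
    }

    /**
     * Creates the authentication manager that verifies credentials by binding to LDAP as the user.
     *
     * @param contextSource LDAP context source used for the user search and the bind
     * @param authorities populator that supplies the authenticated user's authorities
     * @return the LDAP bind authentication manager
     */
    @Bean
    public AuthenticationManager authenticationManager(BaseLdapPathContextSource contextSource,
            LdapAuthoritiesPopulator authorities) {
        LdapBindAuthenticationManagerFactory factory =
                new LdapBindAuthenticationManagerFactory(contextSource);
        factory.setUserSearchBase(userSearchBase);
        factory.setUserSearchFilter(userSearchFilter);
        factory.setLdapAuthoritiesPopulator(authorities);
        return factory.createAuthenticationManager();
    }

    /**
     * Exposes a Jackson JSON provider as a bean.
     *
     * @return a provider with default settings
     */
    @Bean
    public JacksonJsonProvider jaxrsProvider() {
        return new JacksonJsonProvider();
    }
}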