tag:blogger.com,1999:blog-7941666868022023550.post7624239783614683992..comments2023-10-04T05:02:22.207-07:00Comments on Not Just Another Blog: Spring Security Custom FilterChainProxy using Java Configurationshazsterblog.blogspot.comhttp://www.blogger.com/profile/16033913838278307155noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7941666868022023550.post-82859949556261596722016-11-03T14:25:09.831-07:002016-11-03T14:25:09.831-07:00Thanks for Sharing!
Very helpful!
I do not think y...Thanks for Sharing!<br />Very helpful!<br />I do not think you have to use xml+java config. with spring boot, eliminating web.xml should be quite straightforward.leonhttps://www.blogger.com/profile/04471025968275159904noreply@blogger.comtag:blogger.com,1999:blog-7941666868022023550.post-71862990739965395732014-10-28T09:11:30.223-07:002014-10-28T09:11:30.223-07:00Hi! I'm reading your post searching a way to u...Hi! I'm reading your post searching a way to using my iplementation of LoginUrlAuthenticationEntryPoint in ExceptionTranslationFilter. Here is why I'm trying it: http://stackoverflow.com/questions/26543044/spring-security-sc-unauthorized-on-ajax-call<br /><br />In short I've understand that I need to configure spring security defining a springsecurityFilterChain manually instead of using configure (HttpSecurity) facility in order to obtain my requirement. So I'm trying to translate this code:<br /><br />@Override<br />protected void configure(HttpSecurity http) throws Exception {<br /> http<br /> .csrf().disable()<br /> .authorizeRequests()<br /> .antMatchers("/resources/**").permitAll()<br /> .antMatchers("/registrazione**").permitAll() <br /> .antMatchers("/monitoring**").hasRole("ADMIN")<br /> .anyRequest().authenticated()<br /> .and()<br /> .httpBasic()<br /> .authenticationEntryPoint(getCustomEntryPoint())<br /> .and()<br /> .formLogin()<br /> .loginPage("/login").permitAll()<br /> .failureUrl("/login?login_error=t").permitAll()<br /> .loginProcessingUrl("/resources/j_spring_security_check").permitAll()<br /> .usernameParameter("j_username")<br /> .passwordParameter("j_password")<br /> .and()<br /> .logout()<br /> .logoutUrl("/resources/j_spring_security_logout").permitAll()<br /> .and()<br /> .rememberMe().tokenValiditySeconds(1209600).key("remember-me")<br /> .and() <br /> .sessionManagement()<br /> .maximumSessions(1);<br /> }<br /><br />into <br /><br />@Bean(name="springSecurityFilterChain")<br /> public FilterChainProxy springSecurityFilterChain() throws ServletException, Exception{<br /> List securityFilterChains = new ArrayList();<br /> <br /> securityFilterChains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/login**")));<br /> securityFilterChains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/resources/**"))); <br /> securityFilterChains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/registrazione**"))); <br /> <br /> <br /> securityFilterChains.add(new DefaultSecurityFilterChain(<br /> new AntPathRequestMatcher("/**"),<br /> securityContextPersistenceFilter(), <br /> logoutFilter(),<br /> usernamePasswordAuthenticationFilter(),<br /> exceptionTranslationFilter(),<br /> filterSecurityInterceptor()));<br /> <br /> <br /> <br /> return new FilterChainProxy(securityFilterChains);<br /> }<br /><br /><br />Now login page is displayed when accessing webapp, but I don't know how to render in springSecurityFilterChain() that line of code:<br /><br />.loginProcessingUrl("/resources/j_spring_security_check")<br /><br /><br />So by now I cannot login :)<br /><br />Thank you for any help!Marcohttps://www.blogger.com/profile/15203668495931622943noreply@blogger.com