質問編集履歴
1
Spring Securityの設定を追加しました。
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -363,3 +363,113 @@
|
|
|
363
363
|
}
|
|
364
364
|
|
|
365
365
|
```
|
|
366
|
+
|
|
367
|
+
|
|
368
|
+
|
|
369
|
+
###追加事項
|
|
370
|
+
|
|
371
|
+
|
|
372
|
+
|
|
373
|
+
SpringSecurityの設定は以下のとおりです。
|
|
374
|
+
|
|
375
|
+
ログインしていない状態で、登録ボタンのロックを解除してsubmitしたところ、ログイン状態に応じて処理の振り分けができていることまでは、確認できています。
|
|
376
|
+
|
|
377
|
+
|
|
378
|
+
|
|
379
|
+
```Java
|
|
380
|
+
|
|
381
|
+
@Configuration
|
|
382
|
+
|
|
383
|
+
@EnableWebSecurity
|
|
384
|
+
|
|
385
|
+
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|
386
|
+
|
|
387
|
+
|
|
388
|
+
|
|
389
|
+
@Autowired
|
|
390
|
+
|
|
391
|
+
AuthorizedUsersService authorizedUserSvc;
|
|
392
|
+
|
|
393
|
+
|
|
394
|
+
|
|
395
|
+
@Override
|
|
396
|
+
|
|
397
|
+
protected void configure(HttpSecurity http) throws Exception {
|
|
398
|
+
|
|
399
|
+
http.authorizeRequests()
|
|
400
|
+
|
|
401
|
+
.antMatchers("/", "/loginForm", "/api/**", "/ledger/**").permitAll()
|
|
402
|
+
|
|
403
|
+
.antMatchers("/admin/**").hasRole(AppConstants.AUTHORITY_ADMIN)
|
|
404
|
+
|
|
405
|
+
.anyRequest().authenticated();
|
|
406
|
+
|
|
407
|
+
|
|
408
|
+
|
|
409
|
+
http.formLogin()
|
|
410
|
+
|
|
411
|
+
.loginProcessingUrl("/login")
|
|
412
|
+
|
|
413
|
+
.loginPage("/loginForm")
|
|
414
|
+
|
|
415
|
+
.failureUrl("/loginForm?error")
|
|
416
|
+
|
|
417
|
+
.defaultSuccessUrl("/", true)
|
|
418
|
+
|
|
419
|
+
.usernameParameter("username")
|
|
420
|
+
|
|
421
|
+
.passwordParameter("password")
|
|
422
|
+
|
|
423
|
+
.permitAll();
|
|
424
|
+
|
|
425
|
+
|
|
426
|
+
|
|
427
|
+
http.logout()
|
|
428
|
+
|
|
429
|
+
.logoutRequestMatcher(new AntPathRequestMatcher("/logout**"))
|
|
430
|
+
|
|
431
|
+
.logoutSuccessUrl("/");
|
|
432
|
+
|
|
433
|
+
|
|
434
|
+
|
|
435
|
+
}
|
|
436
|
+
|
|
437
|
+
|
|
438
|
+
|
|
439
|
+
@Override
|
|
440
|
+
|
|
441
|
+
public void configure(WebSecurity web) throws Exception {
|
|
442
|
+
|
|
443
|
+
web.ignoring().antMatchers("/webjars/**", "/css/**");
|
|
444
|
+
|
|
445
|
+
}
|
|
446
|
+
|
|
447
|
+
|
|
448
|
+
|
|
449
|
+
@Override
|
|
450
|
+
|
|
451
|
+
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
452
|
+
|
|
453
|
+
auth.authenticationProvider(createAuthProvider());
|
|
454
|
+
|
|
455
|
+
}
|
|
456
|
+
|
|
457
|
+
|
|
458
|
+
|
|
459
|
+
private AuthenticationProvider createAuthProvider() {
|
|
460
|
+
|
|
461
|
+
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
|
462
|
+
|
|
463
|
+
provider.setUserDetailsService(authorizedUserSvc);
|
|
464
|
+
|
|
465
|
+
provider.setPasswordEncoder(new BCryptPasswordEncoder());
|
|
466
|
+
|
|
467
|
+
|
|
468
|
+
|
|
469
|
+
return provider;
|
|
470
|
+
|
|
471
|
+
}
|
|
472
|
+
|
|
473
|
+
}
|
|
474
|
+
|
|
475
|
+
```
|