Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit c463511

Browse files
Introduced authorization
1 parent 29959f0 commit c463511

File tree

4 files changed

+19
-2
lines changed

4 files changed

+19
-2
lines changed

‎src/main/java/com/naturalprogrammer/spring5tutorial/config/MvcConfig.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,5 +11,6 @@ public class MvcConfig implements WebMvcConfigurer {
1111
public void addViewControllers(ViewControllerRegistry registry) {
1212
registry.addViewController("/").setViewName("home");
1313
registry.addViewController("/login").setViewName("login");
14+
registry.addViewController("/admin").setViewName("admin");
1415
}
1516
}

‎src/main/java/com/naturalprogrammer/spring5tutorial/config/SecurityConfig.java

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,13 @@
11
package com.naturalprogrammer.spring5tutorial.config;
22

33
import org.springframework.context.annotation.Configuration;
4+
import org.springframework.http.HttpMethod;
5+
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
46
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
57
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
68

79
@Configuration
10+
@EnableGlobalMethodSecurity(prePostEnabled=true)
811
public class SecurityConfig extends WebSecurityConfigurerAdapter {
912

1013
// @formatter:off
@@ -13,6 +16,11 @@ protected void configure(HttpSecurity http) throws Exception {
1316

1417
http
1518
.authorizeRequests()
19+
.mvcMatchers(HttpMethod.GET, "/").permitAll()
20+
.mvcMatchers("/signup",
21+
"/forgot-password",
22+
"/reset-password/*").permitAll()
23+
.mvcMatchers("/admin/**").hasRole("ADMIN")
1624
.anyRequest().authenticated()
1725
.and()
1826
.formLogin().loginPage("/login").permitAll()

‎src/main/webapp/WEB-INF/jsp/admin.jsp

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
2+
<%@include file="includes/header.jsp"%>
3+
4+
Hello, ADMIN!
5+
6+
<%@include file="includes/footer.jsp"%>

‎src/main/webapp/WEB-INF/jsp/includes/header.jsp

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -91,8 +91,10 @@
9191
</li>
9292
<li><a href="#">Another action</a></li>
9393
<li><a href="#">Something else here</a></li>
94-
<li role="separator" class="divider"></li>
95-
<li><a href="#">Separated link</a></li>
94+
<sec:authorize access="hasRole('ADMIN')">
95+
<li role="separator" class="divider"></li>
96+
<li><a href="/admin">Admin</a></li>
97+
</sec:authorize>
9698
</ul>
9799
</li>
98100
</sec:authorize>

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /