diff --git a/data.mv.db b/data.mv.db index 1593f31..03f92af 100644 Binary files a/data.mv.db and b/data.mv.db differ diff --git a/src/main/java/com/example/demo/speaker/SecurityConfiguration.java b/src/main/java/com/example/demo/speaker/SecurityConfiguration.java index 833e347..ab66d58 100644 --- a/src/main/java/com/example/demo/speaker/SecurityConfiguration.java +++ b/src/main/java/com/example/demo/speaker/SecurityConfiguration.java @@ -1,24 +1,26 @@ package com.example.demo.speaker; + +import com.example.demo.speaker.controller.MVCController.UserSignupMvcController; import com.example.demo.speaker.model.UserRole; import com.example.demo.speaker.service.UserService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; - +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.web.SecurityFilterChain; @Configuration @EnableWebSecurity -@EnableGlobalMethodSecurity(securedEnabled = true) -public class SecurityConfiguration extends WebSecurityConfigurerAdapter { +@EnableMethodSecurity( + securedEnabled = true +) +public class SecurityConfiguration { private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class); private static final String LOGIN_URL = "/login"; private final UserService userService; @@ -36,34 +38,31 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { } } - @Override - protected void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http.headers().frameOptions().sameOrigin().and() .cors().and() .csrf().disable() - .authorizeRequests() - .antMatchers(UserSignupMvcController.SIGNUP_URL).permitAll() - .antMatchers(HttpMethod.GET, LOGIN_URL).permitAll() + .authorizeHttpRequests() + .requestMatchers(UserSignupMvcController.SIGNUP_URL).permitAll() + .requestMatchers(HttpMethod.GET, LOGIN_URL).permitAll() .anyRequest().authenticated() .and() .formLogin() .loginPage(LOGIN_URL).permitAll() + .defaultSuccessUrl("/appointment", true) .and() .logout().permitAll(); + return http.userDetailsService(userService).build(); } - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userService); - } - @Override - public void configure(WebSecurity web) { - web.ignoring() - .antMatchers("/css/**") - .antMatchers("/images/**") - .antMatchers("/js/**") - .antMatchers("/templates/**") - .antMatchers("/webjars/**"); + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return (web) -> web.ignoring() + .requestMatchers("/css/**") + .requestMatchers("/js/**") + .requestMatchers("/templates/**") + .requestMatchers("/webjars/**"); } } \ No newline at end of file