API tools faq
paste
Advertisement
noburudesu

Spring Security Usage

noburudesu
Feb 28th, 2025
236
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Java 2.83 KB | Source Code | 0 0
raw download clone embed print report
  1. // SecurityConfig.java
  2. import org.springframework.context.annotation.Bean;
  3. import org.springframework.context.annotation.Configuration;
  4. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  5. import org.springframework.security.web.SecurityFilterChain;
  6. import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
  7.  
  8. @Configuration
  9. public class SecurityConfig {
  10.  
  11.     @Bean
  12.     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  13.         return http
  14.             .csrf().disable()
  15.             .authorizeHttpRequests(auth -> auth
  16.                 .requestMatchers("/admin/**").hasRole("ADMIN")
  17.                 .anyRequest().authenticated()
  18.             )
  19.             .addFilterBefore(new CustomAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
  20.             .addFilterAfter(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class)
  21.             .build();
  22.     }
  23. }
  24.  
  25. // CustomAuthenticationFilter
  26. import javax.servlet.FilterChain;
  27. import javax.servlet.ServletException;
  28. import javax.servlet.http.HttpServletRequest;
  29. import javax.servlet.http.HttpServletResponse;
  30. import java.io.IOException;
  31. import org.springframework.security.core.Authentication;
  32. import org.springframework.security.core.context.SecurityContextHolder;
  33. import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
  34.  
  35. public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
  36.  
  37.     @Override
  38.     protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
  39.                                             FilterChain chain, Authentication authResult) throws IOException, ServletException {
  40.         SecurityContextHolder.getContext().setAuthentication(authResult);
  41.         System.out.println("Authentication Successful");
  42.         chain.doFilter(request, response); // Pass to the next filter in the chain
  43.     }
  44. }
  45.  
  46. // CustomAuthorizationFilter
  47. import javax.servlet.FilterChain;
  48. import javax.servlet.ServletException;
  49. import javax.servlet.http.HttpServletRequest;
  50. import javax.servlet.http.HttpServletResponse;
  51. import java.io.IOException;
  52. import org.springframework.security.core.context.SecurityContextHolder;
  53. import org.springframework.web.filter.OncePerRequestFilter;
  54.  
  55. public class CustomAuthorizationFilter extends OncePerRequestFilter {
  56.  
  57.     @Override
  58.     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
  59.             throws ServletException, IOException {
  60.         if (SecurityContextHolder.getContext().getAuthentication() != null) {
  61.             System.out.println("Authorization Check Passed");
  62.         }
  63.         filterChain.doFilter(request, response); // Continue to the next filter
  64.     }
  65. }
Tags: DSGNPAT
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!