Coverage Summary for Class: SecurityConfig (cn.edu.ecnu.stu.bookstore.config)
Class |
Method, %
|
Line, %
|
SecurityConfig |
100%
(5/5)
|
100%
(12/12)
|
SecurityConfig$$EnhancerBySpringCGLIB$$6ebde2d0 |
SecurityConfig$$EnhancerBySpringCGLIB$$6ebde2d0$$FastClassBySpringCGLIB$$9e411bf3 |
SecurityConfig$$FastClassBySpringCGLIB$$99c9aeb0 |
Total |
100%
(5/5)
|
100%
(12/12)
|
package cn.edu.ecnu.stu.bookstore.config;
import cn.edu.ecnu.stu.bookstore.filter.AuthenticationFilter;
import cn.edu.ecnu.stu.bookstore.handler.AuthenticationEntryPointImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Autowired
public AuthenticationFilter authenticationFilter;
@Bean
public AuthenticationEntryPoint authenticationEntryPoint() {
return new AuthenticationEntryPointImpl();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/auth/*", "/buyer/add_funds", "/buyer/payment").permitAll()
.anyRequest().authenticated();
http.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint());
}
}