From dfbd9e079733ebb881f1522ed2efbade1e452b73 Mon Sep 17 00:00:00 2001 From: rajesh Date: Thu, 22 Aug 2024 17:55:28 +0530 Subject: [PATCH] updated code --- .../config/SecurityConfig.java | 23 +++++++++++-------- .../gepafin/tendermanagement/dao/UserDao.java | 1 - 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java index cdec64f6..d9393278 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java @@ -9,6 +9,7 @@ import org.springframework.security.config.annotation.authentication.configurati import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; @@ -16,6 +17,7 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import io.swagger.v3.oas.models.Components; @@ -52,16 +54,17 @@ public class SecurityConfig { MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) { return new MvcRequestMatcher.Builder(introspector); } + + @Bean + public WebSecurityCustomizer webSecurityCustomizer(MvcRequestMatcher.Builder mvc) { + return (web) -> web.ignoring().requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**")) + .requestMatchers(new AntPathRequestMatcher("/i18n/**")) + .requestMatchers(new AntPathRequestMatcher("/content/**")) + .requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html")) + .requestMatchers(new AntPathRequestMatcher("/swagger-ui/**")); + } + -// @Bean -// public WebSecurityCustomizer webSecurityCustomizer(MvcRequestMatcher.Builder mvc) { -// return (web) -> web.ignoring() -// .requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**")) -// .requestMatchers(new AntPathRequestMatcher("/i18n/**")) -// .requestMatchers(new AntPathRequestMatcher("/content/**")) -// .requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html")) -// .requestMatchers(new AntPathRequestMatcher("/swagger-ui/**")); -// } // // @Bean // public CorsFilter corsFilter() { @@ -77,7 +80,7 @@ public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception { - http + http .csrf(AbstractHttpConfigurer::disable) .authorizeHttpRequests(auth -> auth .requestMatchers(mvc.pattern(HttpMethod.POST, "/v1/user/login")).permitAll() diff --git a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java index 8fb88a40..2ca30fe6 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java @@ -4,7 +4,6 @@ import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.entities.RoleEntity; import net.gepafin.tendermanagement.entities.UserEntity; -import net.gepafin.tendermanagement.enums.CallTypeEnum; import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.request.LoginReq; import net.gepafin.tendermanagement.model.request.UpdateUserReq;