spring mvc - How to configure thymeleaf-extras-springsecurity4 without xml? -


i'm trying use code snippet in view, content shown regardless of user's role.

<div sec:authorize="hasrole('role_admin')">             <!-- admin content --> </div>

add build.gradle following dependency:

compile("org.springframework.boot:spring-boot-starter-security")

you must add spring security configuration in example:

@configuration public class springsecurityconfig extends websecurityconfigureradapter {      @autowired     public void configureglobal(authenticationmanagerbuilder auth) throws exception {         auth                 .inmemoryauthentication()                 .withuser("admin").password("admin").roles("admin", "user")                 .and().withuser("user").password("user").roles("user");     }      @override     protected void configure(httpsecurity http) throws exception {         http.authorizerequests().antmatchers("/", "/index/**").permitall()                 .and().authorizerequests().antmatchers("/login", "logout").permitall()                 .and().formlogin().loginpage("/login").defaultsuccessurl("/").permitall()                 .and().logout()                         .deletecookies("remove")                         .invalidatehttpsession(true)                         .logouturl("/logout")                         .logoutsuccessurl("/logout-success")                         .logoutrequestmatcher(new antpathrequestmatcher("/logout"));     } }

read more @ securing web application.


-

Comments

Post a Comment

Popular posts from this blog

java - SSE Emitter : Manage timeouts and complete() -

i writing web app multiple listeners(evcentsource sse clients js) connected server . want store sse emitter per connected listener : can done in memory or other means assigning id each client able achieve far now question ; how send response/event specific client connected web app ? while doing sseemmiters stored either getting completed or timed out. how prevent ? how keep sseemmiter available open infinite time (till client closes) , send events selectively .
Read more

jquery - uncaught exception: DataTables Editor - remote hosting of code not allowed -

i'm trying implement crud operation using datatableseditor using datatables.but i'm getting error messages: 1)uncaught exception: datatables editor - remote hosting of code not allowed. please see http://editor.datatables.net details on how purchase editor license 2)typeerror: a.editor undefined 3) $.fn.datatable.editor not constructor" what reason? here configuration: <%@ page language="java" contenttype="text/html; charset=iso-8859-1" pageencoding="iso-8859-1"%> <!doctype html public "-//w3c//dtd html 4.01 transitional//en" "http://www.w3.org/tr/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <title>insert title here</title> <link rel="stylesheet" type="text/css" href="//cdn.datatables.net/1.10.12/css/jquery.datatables.min.css"> <link re...
Read more

java - How to resolve error - package com.squareup.okhttp3 doesn't exist? -

i trying convert json java object use of gson in maven, following youtube video guidance - https://www.youtube.com/watch?v=vqgghm9pwe0 , theres error occurs when in main class error - package com.squareup.okhttp3 doesn't exist. code below: java package com.codebeasty.json; import com.squareup.okhttp3.okhttpclient; public class main { private static okhttpclient client = new okhttpclient(); public static void main (string [] args) { } } i put in dependency in pom.xml: <dependencies> <dependency> <groupid>com.squareup.okhttp3</groupid> <artifactid>okhttp</artifactid> <version>3.4.2</version> </dependency> <dependency> <groupid>com.google.code.gson</groupid> <artifactid>gson</artifactid> <version>2.8.0</version> </dependency> </dependencies> i dont understand why doesn't recognize com.squareup. there may need download? have downl...
Read more