Temporarily remove security matchers

Temporarily back out `SpringBootSecurity` to enable easier
package refactoring.

See gh-10261
This commit is contained in:
Phillip Webb
2017-09-04 23:52:03 -07:00
parent ecb8461e8c
commit 0f99b29b1a
7 changed files with 27 additions and 390 deletions

View File

@@ -20,7 +20,6 @@ import java.util.Date;
import java.util.Map;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.SpringBootSecurity;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -61,22 +60,17 @@ public class SampleWebSecureApplication implements WebMvcConfigurer {
@Configuration
protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter {
private final SpringBootSecurity springBootSecurity;
public ApplicationSecurity(SpringBootSecurity springBootSecurity) {
this.springBootSecurity = springBootSecurity;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// FIXME
// @formatter:off
http.authorizeRequests()
.requestMatchers(this.springBootSecurity.staticResources()).permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
.and()
.logout().permitAll();
// http.authorizeRequests()
// .requestMatchers(staticResources()).permitAll()
// .anyRequest().fullyAuthenticated()
// .and()
// .formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
// .and()
// .logout().permitAll();
// @formatter:on
}