Skip to content

Commit

Permalink
Merge branch 'master' into stage
Browse files Browse the repository at this point in the history
  • Loading branch information
@GodCipher
GodCipher committed May 31, 2024
2 parents 0f4a2b7 + 8c7acbf commit 28119a6
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,11 @@
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
@EnableWebSecurity
Expand All @@ -39,7 +41,7 @@ public ApiKeyAuthFilter apiKeyAuthFilter(AuthenticationManager authenticationMan
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
AuthenticationManager authenticationManager =
http.getSharedObject(AuthenticationConfiguration.class).getAuthenticationManager();
authenticationManager(http.getSharedObject(AuthenticationConfiguration.class));

http.csrf(AbstractHttpConfigurer::disable)
.formLogin(AbstractHttpConfigurer::disable)
Expand All @@ -48,12 +50,13 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
.sessionManagement(
session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.addFilterBefore(
apiKeyAuthFilter(authenticationManager), UsernamePasswordAuthenticationFilter.class);
apiKeyAuthFilter(authenticationManager), SecurityContextPersistenceFilter.class);

log.debug("API key: {}", apiKey);
log.debug("API key header: {}", apiKeyHeader);

return http.build();
return new DefaultSecurityFilterChain(
http.getSharedObject(RequestMatcher.class), apiKeyAuthFilter(authenticationManager));
}

@Bean
Expand Down

0 comments on commit 28119a6

Please sign in to comment.