11

I have working XML-based security configuration in my Spring MVC project:

<security:http use-expressions="true"
               authentication-manager-ref="authenticationManager">
    <security:intercept-url pattern="/" access="permitAll"/>
    <security:intercept-url pattern="/dashboard/home/**" access="hasAnyRole('ROLE_USER, ROLE_ADMIN')"/>
    <security:intercept-url pattern="/dashboard/users/**" access="hasRole('ROLE_ADMIN')"/>
    <security:intercept-url pattern="/rest/users/**" access="hasRole('ROLE_ADMIN')"/>
    <security:form-login login-page="/"/>
</security:http>

And I have question: is it possible to fully replace it by Java configuration? What annotations and where should I use for "use-expressions", "intercept-url", etc.?

Improve this question

1 Answer 1

Reset to default
16

Yes, if you are using Spring security 3.2 and above, it will be something like this : 

@Configuration
@EnableWebSecurity
public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/dashboard/home/**").hasAnyRole("USER", "ADMIN")
                .antMatchers("/dashboard/users/**").hasRole("ADMIN")
                .antMatchers("/rest/users/**").hasRole("ADMIN")
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/")
                .permitAll();
    }

    // Possibly more overridden methods ...
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@Jean how can we configure WebSecurity using XML configuration ?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.