I'm using a spring boot aplication and I want to configure security to use Group Authority authentication It's simple but when I try to login spring always check user authorities authentication instead of Group Authority.
My config class is:
@Configuration()
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/css/**","/js/**", "/font-awesome/**").permitAll()
.anyRequest()
.authenticated().and().formLogin().loginPage("/login")
.failureUrl("/login?error").permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).
usersByUsernameQuery(
"select cpf as username, senha as password, ativo as enabled from funcionario where cpf=?")
.groupAuthoritiesByUsername("select g.id, g.nome, p.nome "
+ "from grupo g, funcionario_grupo fg, grupo_permissoes gp, permissoes p "
+ "where gf.username = ? and g.id = gp.grupo_id and g.id = fg.group_id gp.permissoes_id = p.id");
};
}
I tried with several ways to config spring to use my groupAuthoritiesByUsername even with XML but with no success.
Someone could help me, what I'm doing wrong? What is missing?
Thank you
Aucun commentaire:
Enregistrer un commentaire